We are becoming more and more dependent on e-commerce and SaaS sites, meaning we have what seems like an endless stream of different passwords.
To make them more memorable, it is tempting to use something personal to you. We bet that if you take a second to think about your passwords, you’ll probably find that at least one of them contains a family member’s name or the year you were born – information that will take hackers seconds to find. There is also a high probability that you have used one of those passwords across multiple sites, making it even easier for cybercriminals to gain access.
A massive and very exploitable gap in the UK’s personal security knowledge was spotlighted during the National Cyber Security Centre’s ‘UK Cyber Survey’.
It is time the UK took cyber security more seriously. To put into perspective just how little we Brits seem to know about cyber security, here are some of the results collected:
The password ‘123456’ has been found over 23 million times!
The National Cyber Security Centre in collaboration with Troy Hunt released a file containing the top 100,000 passwords from his Have I Been Pwned data set. If you see a password that you use in this list, you should change it immediately. You can also check if you have an account that has been compromised.
A common attack strategy is to use lists like these when trying to breach a perimeter (password spraying). A research study allowed participating businesses to measure how defenceless they would be to a password spraying attack. Figures from the study found that:
These figures suggest that password spraying attacks are more than likely to have some success against these businesses, and many others across the UK. Education is key when it comes to cyber security. The most effective approach your business can take is to educate your team and create a cyber aware culture, so that your team avoid using common passwords in the first place.