In the wake of the CrowdStrike incident, where a single phishing email compromised the security of a major corporation, it has become increasingly clear that human psychological vulnerability is the Achilles’ heel of modern cybersecurity.
As businesses scrambled to find solutions and individuals grappled with the inconveniences, a sinister plot unfolded. Malicious actors, sensing an opportunity, launched a barrage of phishing scams designed to prey on the fear and urgency of the situation.
These scams, masterfully crafted, exploited our psychological weaknesses. Experts have long studied the tactics employed by cybercriminals, and the CrowdStrike incident showcases their effectiveness. When faced with a crisis, we tend to act impulsively, often disregarding the warning signs that would normally raise red flags.
The ostrich effect, where our rational minds ignore glaring facts, has never been more prevalent. But what drives this vulnerability, and how can we overcome it?
The Rise of Vulnerability
In recent years, the scientific study of subjective well-being has led to a greater understanding of human strengths and virtues. However, this focus on positivity has also highlighted the importance of acknowledging and addressing our vulnerabilities. As Brené Brown, a renowned researcher and podcaster, notes, “We find we are powerful enough to feel and deal with our vulnerabilities”.
The Anatomy of Vulnerability
has identified three main dimensions of perceived vulnerability: manifestations, feelings, and the image of vulnerable people. But what does this mean in practice? In the context of cybersecurity, vulnerability can manifest as a lack of awareness, a fear of being seen as weak, or a reluctance to ask for help. These feelings can lead to a culture of silence, where individuals are hesitant to report suspicious activity or seek support.
The Power of Support
So, how can we overcome these vulnerabilities? The answer lies in offering support and creating a culture of openness. As Brown notes, “Sometimes people just need to be heard, while other times they might seek advice or practical help».
For example, this idea is key, it’s how I usually check out corporate support services. If a company cannot hear me through its employee, then it is not any particular employee who receives the relevant assessment, but the entire company as a whole. It is the company’s responsibility to provide an environment for employees.
A Call to Action
This incident serves as a wake-up call for individuals and businesses alike. It’s time to prioritize cybersecurity education and awareness, empowering everyone to recognize and resist the psychological manipulation tactics employed by scammers.
Moreover, it’s crucial to build resilience within our systems, ensuring that a single point of failure doesn’t bring the entire infrastructure crashing down. Decentralization and redundancy can play a vital role in mitigating the impact of such disruptions.
The CrowdStrike saga highlights the broader societal dependence on technology and the risks associated with centralized systems. As we become increasingly reliant on digital solutions, the need for robust cybersecurity measures becomes more pressing than ever.
Aleksei Dolgikh
Agreed, social dependence on technology is high
But who’s concentrating their attention on it too much also in the trouble
Tech is for big numbers, without tech this billions and trillions is impossible… whatever it’s USD or people who moving them around the globe
Olga Odemchouk Medvedeva
More than agree, a big money is a big responsibility.