When hackers released WannaCry last month, the attack rattled the tech world, and rightly so.

In just one day, the attack infected more than 230,000 computers in over 150 countries. It crippled Britain’s National Health Service and nearly halted government, school, and business operations all over the globe. It is being reported as the largest Ransomware attack the world has ever seen.

Many security teams across the world spent days and nights trying to understand and stop the ever-changing WannaCry worm and its variants. Microsoft came out with a patch for the software the WannaCry was using, but many found the some if not all of their computers had not been updated with the patch, thus leaving them vulnerable for an attack.

Many people are asking why these attacks keep happening and at greater speeds. There does not seem to be a quick solution anywhere near. Here are three reasons experts think cyberattacks keep happening.

1.       The billions of devices that compromise the internet are flawed. It was built for communities of trust, and not designed for e-commerce and sensitive data handling that we are now tasking it for.

2.       Humans will be humans. Human error is one of the biggest culprits of breaches. From clicking suspicious links to opening up the wrong email, humans make mistakes like this all the time. Despite efforts to educate and inform, it seems to never work.

3.       Threat actors, or hackers, are industrializing. They are becoming more sophisticated in the hacking attempts and becoming harder to find and stop. It’s easy to improve and automate stolen hacking kits to make them work better and last longer, meaning everyday people get hurt.

The world is always changing, and it’s important to adapt with it. As criminals industrialize and automate their attacks, one of the biggest threats is still personal behavior.

At Indiana University, a phishing scam from an email was opened and then attacked over 12,000 faculty and staff computers. The email wasn’t sophisticated, and could have easily been avoided, but it was not, and thousands of sensitive pieces of information were open to hackers.

Indiana University’s response to this attack was to start using a two-step login for a two-factor authentication system, which added an extra layer of security.

This simple changed worked and stopped an attack about a month after being implemented.

Cybersecurity is talked about a lot, and many people are becoming desensitized to the message of safety, but without people taking a serious look at their security, these attacks will keep on happening.

(Story Via Brad Wheeler)