The chink in the armour of information security isn’t where you expect

When people envisage computer systems being hacked they may imagine a shadowy figure furiously typing away on a keyboard in a dark basement. Or they might think about some complicated wall of code or fancy high-tech gadgets to break into these systems. The reality is, unfortunately, much more benign than Hollywood would lead us to believe. In fact, it isn’t penetration testers or hackers that put information or computer systems at risk – it’s actually the users and administrators. Probably one of the most common weaknesses would have to be passwords. Users – even administrators tend to create weak passwords because they are relatively easy to remember, the problem is, they are even easier for computers to calculate. The best defense against this is of course to use a password manager, see our post here for recommendations on the best (and most privacy-respecting) password managers. Next, administrative configuration is a common weakness in systems that is often overlooked. What this means is when administrators set up systems, whether it be websites, servers or any number of systems such as network environments, too often they will leave certain settings as the default. At worst, they leave the login details as default, so if this is an internet-facing device, anyone who stumbles upon it will be able to login and most likely do whatever they please, including changing the login details – nice.

As always reader participation is not just welcomed, but encouraged! If you have any suggestions, corrections or anything in between, feel free to leave a comment. If the content of this blog is gobbledygook and you are in need of data recovery or other IT services, head on over to our Web Shop (currently undergoing maintenance). Want a good laugh? Check out our blog created entirely by artificial intelligence (AI)

We’ve done the research, so you don’t have to!

Thanks for reading!

Braeden Mitchell's Picture

About Braeden Mitchell

Braeden is currently studying a Master's in Information Security and freelancing as an IT consultant