Identifying users at risk


21 January 2015

Japanese ICT company Fujitsu and its wholly owned subsidiary Fujitsu Laboratories say they have developed the industry's first technology that makes use of social psychology to identify users at risk of cyber attacks based on the way they use their computers, such as their email and web activities.

According to Fujitsu, cyber attacks have been growing increasingly sophisticated, with attacks designed to exploit the psychological vulnerabilities of targeted users to defraud them or infect their PCs with viruses, such as by setting traps in email messages or websites designed to appear to be from trusted sources in line with the targeted user's interests or job duties.

These kinds of attacks, Fujitsu said, are often difficult to distinguish from ordinary network access, and are difficult to detect using conventional email filters and firewalls.

Under these circumstances, the companies said, it is all the more important to be able to quickly identify those users who are most at risk of being victimised and to develop protective security measures tailored to the individual or organisation.

The companies said they have used online questionnaires to identify the relationship between the psychological traits and behaviour of people likely to suffer three kinds of attack: virus infections, scams, and data leakage.

Participants consisted of approximately 2,000 employees throughout Japan ranging in age from their 20s to their 60s, male and female, who use their own PC to do most of their work, with half of them having previously experienced an attack.

According to the results of the analysis, people who prioritised benefits over risks were more vulnerable to virus attacks, and people who were highly confident in their own ability to use a computer were at higher risk for data leakage.

Fujitsu said it has developed a tool that logs activity on a user's computer (email traffic, web accesses, keyboard and mouse actions) and, based on these PC activity logs, including events such as when the PC freezes, a technology for calculating different users' risks of being victimised.

This technology, according to Fujitsu, could be used to precisely tailor security measures, for example by displaying individualised warning messages to users who often click on URLs in suspicious email messages without checking them carefully, or by escalating the threat level of suspicious emails sent between departments with virus-prone users.

Fujitsu and Fujitsu Laboratories said they aim to have a commercial implementation of this technology in 2016, and are working to more accurately detect users in conditions that are vulnerable to attacks, and to develop effective security technologies that connect to the psychological and behavioural traits of users.