F5 Networks has released the results of a new study into the UK’s app-centric society and consumer behaviours. The research reveals over a quarter of Brits (26%) do not check app security measures before downloading them, even though almost 30% believe hackers are likely to use shopping apps like Amazon and eBay to target their devices.
Across the UK, 2,000 consumers were surveyed, revealing that, regardless of rising fears over cyber-criminal activity, individuals are still neglecting to take action to stay safe online. Only one in five (21%) check the security measures of every new app they download, whereas the type of application impacted whether it was worth checking.
The least likely to be checked included news (19%), fitness (15%) and gaming apps (15%). Although apps holding financial information did not fare much better, with 12% not checking banking apps and 10% shopping apps for their security measures.
Indeed, some users were wary about certain applications collecting their data, particularly Facebook (48%), followed by eBay (20%), Amazon (19%) and WhatsApp (18%). Furthermore, when asked about which applications were believed to be high on the target list for hackers, 58% were concerned about Facebook.
According to data released by Apple, the most used app in 2016 was Snapchat, but only 7% were concerned that hackers were targeting the platform and 9% for Instagram, the fourth most used app last year.
The extensive survey of 2,000 UK consumers, conducted by research agency Opinium, revealed the following insights:
- Overall, 1 in 4 don’t check application security measures at all before they download apps and 23% said it is not compulsory at work to change their password on a regular basis at all
- IT and Telecoms is the sector most concerned about collection of personal data from Instagram – 21% cited it as one of the apps they are most wary of vs 10% average across industries
- IT and Telecoms is the sector most concerned about their porn habits being hacked – 20% cited it as a top concern (8% average out of all industries surveyed)
- 40% of IT and Telecoms workers wouldn’t purchase a smart lock over security concerns
- 27% of IT and Telecoms workers do not ever have to change their password at work, and the sector has the second longest period without having to change password on average – 10.7 weeks between password changes, second only to education (12 weeks)
Apps are the gateway to personal data
The information users were most concerned about being hacked proved similar to concerns over data collection. Although 83% were concerned about financial data being hacked, only 23% were worried about medical information.
Users potentially saw less opportunity for hackers to access their medical information, though the continued ransomware attacks on hospitals and UK National Health Service (NHS) Trusts in the past year tells another story. Much lower on the scale was the risk of work information and business details being hacked, as only 11% stated this was a concern.
The rise of the app economy has paved the way for the plethora of the Internet of Things (IoT) and smart home technology. The commercial gain is moving almost too quickly for security to keep up.
Which is reflected in the research. Almost two in five (39%) would refuse to purchase smart locks over hacker concerns. In addition, nearly a quarter (23%) would avoid buying voice activation systems and 21% would not consider purchasing a smart car as a result.
Gad Elkin, security director, EMEA at F5 Networks commented: “The growing concerns demonstrate that consumers are no longer in the dark about cyber security risks, but there is still more education needed – it’s not uncommon for a hacker to use work and business details to gain access to financial data or for hospitals to be targeted with a ransomware attack over confiscated medical information. The lines between work and personal lives have become blurred and we need more robust cyber security policies to reflect that.”
Application security in the workplace continues to be a pressing subject. Indeed, businesses are responding through their security policies as two thirds of those with access to computers (67%) say the IT team authenticates new downloads made on their devices, which further illustrates the challenges and risks with BYOD.
However, consider the risks of one in three employees not having downloads authenticated and it paints a worrying picture. It’s perhaps surprising therefore that only 13% are concerned about the lack of security controls in the workplace, but more so in manufacturing (29%) and IT/ Telecoms (22%).
Businesses have demonstrated mixed policies towards password security. Almost a quarter (23%) of respondents stated that it is not compulsory at work to change their password at all, highest amongst those in professional and business services (39%) and education (31%).
Of those that enforce compulsory password changes, 42% of respondents had to change theirs once a month, and 36% once a quarter. Financial services and consulting was the sector with the strictest password changes, as almost two in five staff (37%) were required to change their password every month.
“The debate around password security policies continues to divide IT teams. The importance of changing passwords must be reiterated, but in particular the use of two-factor authentication systems to add an extra layer of security. Employees might not be concerned about workplace security, but businesses certainly should be,” warned Elkin.
“Having visibility over network activity has and will remain a key factor in ensuring hackers are not able to gain entry into the network should they target an individual.”
Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow