Fujitsu Psychology Tool Profiles Users At Risk of Cyberattacks

← Back to Stories (view on slashdot.org)

Fujitsu Psychology Tool Profiles Users At Risk of Cyberattacks

Posted by timothy on Thursday January 22, 2015 @07:11AM from the did-you-click-on-the-taboola-link? dept.

itwbennett writes Fujitsu Laboratories is developing an enterprise tool that can identify and advise people who are more vulnerable to cyberattacks, based on certain traits. For example, the researchers found that users who are more comfortable taking risks are also more susceptible to virus infections, while those who are confident of their computer knowledge were at greater risk for data leaks. Rather than being like an antivirus program, the software is more like "an action log analysis than looks into the potential risks of a user," said a spokesman for the lab. "It judges risk based on human behavior and then assigns a security countermeasure for a given user."

30 comments

Min score:

Reason:

Sort:

Privacy Policies? by Nartie · 2015-01-22 07:30 · Score: 1

It's odd that they are trying to track how much people pay attention to privacy policies. I figure there's no point in reading them since they are all just complicated ways to say "We'll screw you whenever we want to."
1. Re:Privacy Policies? by JaredOfEuropa · 2015-01-22 07:43 · Score: 2
  
  It sounds like Clippy from Hell: "It looks like you did not pay close attention to the privacy policy. Your computer will be locked until you re-read it and take the subsequent test to confirm your understanding of this policy".
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
LOL ... powering down ... by gstoddart · 2015-01-22 07:41 · Score: 5, Funny

"It judges risk based on human behavior and then assigns a security countermeasure for a given user."
For which I'm sure for many users that amounts to "system shut down will begin in ....".
We used to have a receptionist who would install pretty much anything from anywhere. Animated dinosaur cursors? Bring 'em on. A game? Make it so. She'd click any link, any button, anywhere.
Periodically it was just easier to wipe her machine, re-install from an image, and then let her destroy it again.
I honestly never knew why they let her near a computer -- it was always so full of garbage that she couldn't do anything with it, and no amount of telling her why she shouldn't do that would work.
She clearly never used the damned thing for anything work related, she couldn't have had the time. And then when she got it so broken it was unusable, she demanded the IT guy come immediately and fix it ... because she was obviously losing valuable time clicking on pointless crap on the internet.

--
Lost at C:>. Found at C.
1. Re:LOL ... powering down ... by Austerity+Empowers · 2015-01-22 07:42 · Score: 1
  
  Well, if the user has to wear the helmet shown in the picture, then perhaps the punishment will be more severe!
  Seriously, what is the point of that picture?
2. Re:LOL ... powering down ... by gstoddart · 2015-01-22 07:46 · Score: 1
  
  LOL ... clearly I have more blockers enabled than would allow me to see that picture.
  One of the tracking domains/ad sites I block must be serving the images.
  Which places me firmly in the "don't ever trust the internet" camp.
  
  --
  Lost at C:>. Found at C.
3. Re:LOL ... powering down ... by Opportunist · 2015-01-22 07:47 · Score: 1
  
  Allow me to ask the question that MUST be asked here: Why did she have the necessary privileges to install the crap?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
4. Re:LOL ... powering down ... by gstoddart · 2015-01-22 07:56 · Score: 2
  
  Well, first off, this was in the era of XP, when everybody had admin rights.
  And, second ... the developers who occasionally got suckered into trying to help her always said to IT "Can we just lock her machine down so she can't do any damage?".
  But it was like groundhog day ... just this endless loop of crap on the PC, re-install, followed by her clicking everything and getting crap on her PC. She couldn't, or wouldn't, learn not to do it.
  Hopefully, wherever she is now they've locked the machine down so she can't do any damage.
  It was really sad to watch.
  
  --
  Lost at C:>. Found at C.
5. Re:LOL ... powering down ... by Tyrannicsupremacy · 2015-01-22 08:14 · Score: 1
  
  Yeah, they should've just used a picture of the 3D-Head. https://www.youtube.com/watch?...
  
  --
  http://i.cubeupload.com/T6cyLu.png
6. Re:LOL ... powering down ... by khr · 2015-01-22 08:28 · Score: 1
  
  Animated dinosaur cursors?
  Don't knock animated dinosaur cursors... I used to work for a company in the 90's, PC-Kwik, that sold a package of cursors, including dinosaur ones. Granted, it wasn't our main product, just something for the sales people to upsell for a few dollars more once they had customers on the phone.
7. Re:LOL ... powering down ... by godel_56 · 2015-01-22 09:24 · Score: 1
  
  We used to have a receptionist who would install pretty much anything from anywhere. Animated dinosaur cursors? Bring 'em on. A game? Make it so. She'd click any link, any button, anywhere.
  Periodically it was just easier to wipe her machine, re-install from an image, and then let her destroy it again.
  "For example, the researchers found that users who are more comfortable taking risks are also more susceptible to virus infections"
  That also applies to real life and STDs. In that case anyone sleeping with your receptionist should use a lot of latex protection.,
8. Re:LOL ... powering down ... by AmiMoJo · 2015-01-22 10:04 · Score: 1
  
  That sort of thing is a sacking offence at many places - damaging company equipment after being warned not to.
  In any case, it sounds like IT was incompetent. There were a couple of good options. They could simply disable the ability for her to run any apps except the ones they whitelisted. Can't install anything if you can't even run the installer. Another option was a little dongle that plugged into a PCI slot and prevented permanent changes being made to the system. After every reboot the OS would reset to the saved state, like a VM snapshot. They were popular with internet cafes and pretty much bullet proof.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Dunning-Kruger by Anonymous Coward · 2015-01-22 07:41 · Score: 1

Obviously all of them. It's so easy to do, anyone could do it.
What could possibly go wrong? by ukoda · 2015-01-22 07:43 · Score: 2

Looking at those traits I can help but think the system would class your typical programmer as a large security risk and lock the system down so tight that writing code was not an option...
1. Re:What could possibly go wrong? by Opportunist · 2015-01-22 07:48 · Score: 3, Funny
  
  So he could not write code, hence not create any trouble.
  The system works!
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
2. Re:What could possibly go wrong? by clawsoon · 2015-01-22 07:49 · Score: 2
  
  That's exactly how we think about programmers over here in IT. Second only to executives as security risks.
3. Re:What could possibly go wrong? by david_thornley · 2015-01-23 09:14 · Score: 1
  
  I've seen a suggestion that developers's computers should only run programs on a whitelist.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Er.. by TechyImmigrant · 2015-01-22 07:53 · Score: 3, Insightful

>those who are confident of their computer knowledge were at greater risk for data leaks.
Doesn't that depend on why they are confident? If you're confident because you don't know what you don't know then maybe it's valid but if you're confident because you happen to have been designing computers for 30 years and are deeply involved in security architecture of computers, then maybe your confidence is well placed.

--
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
1. Re:Er.. by david_thornley · 2015-01-23 09:16 · Score: 1
  
  Or maybe people who really know what they're doing aren't going to be that confident that they're safe.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
2. Re:Er.. by TechyImmigrant · 2015-01-23 10:55 · Score: 1
  
  Or maybe people who really know what they're doing aren't going to be that confident that they're safe.
  Indeed. That's where I am concerning phones and PCs. I'm good with the hardware because I design it. But in my job I'm exposed to all the darkest security concerns, so there's lots to be concerned about.
  
  --
  I should use this sig to advertise my book ISBN-13 : 978-1501515132.
Senior Citizens = Naughty Bits by __aaclcg7560 · 2015-01-22 07:55 · Score: 1

My late father had a weakness for naughty bits, especially in the Double-D category. No how many times I tried to explain this to him, he always gets his computer infected with spyware, virius and other crap. He even paid $90 bucks for anti-spyware program that suddenly popped up on his computer one day. I hated driving 300 miles round trip to clean up his computer.
1. Re:Senior Citizens = Naughty Bits by gstoddart · 2015-01-22 08:01 · Score: 3, Funny
  
  Old men like young boobies ... this is an evolutionary fact.
  I once had to have "the talk" with my father ... Dad, I know you want to sneak a peak at boobies when mom isn't looking, but most of those sites are really dangerous ... if you're going to look at boobies, use this browser which won't run scripts or anything, and which runs as a different profile. I've bookmarked a few sites to get you started. And no matter what you the ad claims, don't click it.. ;-)
  Always practice safe click.
  
  --
  Lost at C:>. Found at C.
Not much source code... by Anonymous Coward · 2015-01-22 08:01 · Score: 0

if (user.equals('zoequinn')||isCritical('nolanmovies')) {
alert(Alert.HIGH);
}
Fujitsu by sameersan · 2015-01-22 08:46 · Score: 1

i hate cyber attacks :) than any 1 :)
age cross sectioned with IQ by slashmydots · 2015-01-22 10:49 · Score: 1

It's all in the subject line
FTFY by CaptainDork · 2015-01-22 15:46 · Score: 1

"It judges risk based on human behavior and then assigns a security countermeasure for a given user by sending all that info to security software advertisers."

--
It little behooves the best of us to comment on the rest of us.
The Weak Link is Always People. Always. by LaurenCates · 2015-01-23 01:34 · Score: 1

I have a minor interest in social engineering, partly due to my run-ins with sociopaths, but psychology has always been an interest of mine in general.
If there's one thing I, without fail, lecture my less-tech-savvy friends on anytime I ever have to fix anything computer-related, is that they are always the weak link in computer security.
At least once a year, when I become sufficiently annoyed with other people because they post things on Facebook that get my security nerves up, I will post messages like: stop telling people you're not home, or be careful with screen shots and signatures that reveal what kind of device you have.
Though the biggest anecdote I tell my friends, which in general seems to make them stop and think about things, is that if I really wanted to take up as an identity thief, I'd probably become a hairdresser. Think about how many small-talk questions they ask (it's alarming how often they ask if I have any plans for the weekend; my answer is always "staying home and cleaning the house"). Of course, I lie like a bastard if I want to be polite that day (other times I give short answers in a tone that indicates I'm not much in the mood for chit-chat) and tip generously regardless.
Point I'm making is that you should always kind of assume that everyone is at a risk for cyberattacks. There are just different vectors to get there.

--
Some people don't believe in fairies. I don't believe in The Patriarchy.