Disasters, natural and man-made, are rendering organisations more vulnerable to cyber attacks – with employees increasingly seen as the weak point in a corporate's armour.

Attackers find these unfortunate events useful because employees relax their defensive posture during a disaster, with their immediate focus on the need to gather as much information as possible, as quickly as possible.

Jayson Street, Infosec Ranger at Pwnie Express, shared this as part of his keynote address during the second day of ITWeb Security Summit 2017.

"What is there to talk about in South Africa that would make employees click on a link or something? An anti-Zuma march perhaps? People are suspicious when you send them links, but during times of unrest, when something bad happens, we are more susceptible to wanting more information. When the Boston bombing happened, emails were sent requiring people to click links for news. If you have a child in Boston or a relative there, what would you do?"

Street says cyber criminals create fake relief pages even before charitable organisations or rescue services react.

"They are trying to steal from you. That's what you have to understand. They will exploit your trusted relationships (by sending such links under the guise of a colleague) and use them against you."

Street says a concerted effort has to be made to rid the internet of an organisation's IP address and employee usernames or email addresses, among other sensitive information.

He says employee profile pictures and cover photos on social media are always public and if an attacker is able to gather this information, it can be used to get them to open malicious content.

Street recommends that corporate security teams start looking at points of access to a business, like a website, in an offensive manner.

"Look at it like an attacker would. Don't build walls to keep honest users out but build defences to keep criminals out. Use stuff like social media searches or Google alerts to find key words that can notify you when your website is compromised. You can also create files and folders that people should not go into and if someone dies you will get a notification that you are under attack. You also have to start segmenting your networks."

Street also emphasised the global nature of attacks and how these can be prevented. He says nations thousands of kilometres apart in the real world are neighbours in the online community.

He says companies should go so far as blocking access to their websites from countries where they do not run their business.

"If you teach your employees from day one that part their job is also being secure, they will regard it as a job responsibility. Don't get upset when employees click on links and jeopardise the security of your company because you didn't make it clear that they have to see themselves as part of your security team."