Riaan GouwsMost people say they want to keep hackers out of their computers, but still ignore cyber security warnings that would do just that.
A group of Brigham Young University researchers has found that even those who say they care about maintaining the integrity of their devices bypass the warning signs.
Over time, computer users have become habituated to ignoring the little black bomb faces and “this is not a secure page” warnings that seem to pop up on a daily basis, Information Systems assistant professor Anthony Vance said.
“We’re accustomed to dismissing those messages,” Vance said. “The way you get things done on computers is to dismiss warnings as quickly as possible and get on with it. And if there’s no harm done, it really discounts the impact of the warning over time.”
What they found in a study published recently in the Journal of the Association for Information Systems, Vance said, reinforced their understanding of risk-seeking and risk-averse personalities. Both groups of college student volunteers ignored cyber security warnings. But their brains reacted differently to screens that then informed them their laptops had been hacked.
Researchers attached a net-like helmet of sensors to 62 students’ heads before putting them in an MRI with their laptops.
Risk-averse computer users’ brains lit up with electrical impulses when shown a screen with a Guy Fox mask and skull and crossbones after ignoring warnings.
Risk-takers’ brains, however, showed nary a blip.
Vance said the study shows how people say one thing about cyber security and do another. “If they think about it, they deliberate,” he said. “But in the moment, people tend not to think about it.”
The BYU team has received a $300,000 grant from the National Science Foundation to continue researching security behavior.
In the end, Vance said, the research may help computer security software designers come up with better warning signals that users will actually respond to.
HACK FREE ZONE - SMB RESOURCES 