Gyunka, Benjamin AruwaAbikoye, Oluwakemi Christiana2018-03-212018-03-212017Benjamin, A.G. & Abikoye, O.C. (2017): Analysis of Human Factors in Cyber Security: A Case Study of Anonymous Attack on Hbgary. Computing and Information Systems Journal. 21(2); 10-18,http://cis.uws.ac.uk/research/journal/V21n2.pdfhttp://hdl.handle.net/123456789/133Purpose: This paper critically analyses the human factors or behaviours as major threats to cyber security. Focus is placed on the usual roles played by both the attackers and defenders (the targets of the attacker) in cyber threats’ pervasiveness and the potential impacts of such actions on critical security infrastructures. Design/Methodology/Approach: To enable an effective and practical analysis, the Anonymous attack against HBGary Federal (A security firm in the United State of America) was taken as a case study to reveal the huge damaging impacts of human errors and attitudes against the security of organizations and individuals. Findings: The findings revealed that the powerful security firm was compromised and overtaken through simple SQL injection techniques and a very crafty social engineering attack which succeeded because of sheer personnel negligence and unwitting utterances. The damage caused by the attack was enormous and it includes the exposure of very sensitive and personal data, complete shutdown of the website, loss of backup data and personnel character deformations. The research also found that damaging human factors results from ignorance or illiteracy to basic security practices, carelessness and sometimes sabotage by disgruntled employees from within and these vulnerabilities have become prime target for exploitation by attackers through social engineering attacks. Social engineering was also discovered to be the leading attack technique adopted by attackers within the cyber space in recent years. Practical Implications: The paper concludes by advocating assiduous training and cyber securityawareness programmes for workforces and the implementations and maintenance of basic security culture and policies as a panacea for social engineering cyber attacks against individuals and organizations. Originality: Lots of work has been done and many still on-going in the field of social engineering attacks and human factors, but this study is the first to adopt an approach of a practical case study to critically analyze the effects of human factors on cyber security.enThe AnonymousHBGary FederalUniform Resource Location (URL);Content Management System (CMS)SQL InjectionCross-site Scripting (XXS)Social EngineeringCyber SecurityInformation SecurityArticle