Connect with us

Tech & Innovation

ABC’s of protecting SMBs in SEA against malicious mining

As the symptoms and consequences of malicious mining are less obvious and less immediate than ransomware and phishing attacks, it’s easy for SMBs to disregard it as a mere technical issue. However, its aftermath is costly in the long run.

Published

on

Across Southeast Asia, the COVID-19 pandemic has seen businesses and governments attempt to mitigate the financial impact of this unprecedented public health crisis. Southeast Asian economies are taking a huge hit in the global economic crisis, with 64% of respondents from a recent regional survey conducted by Ernest & Young expecting a slower recovery extending into 2021. 

While countries continue to experience different levels of success with containing the spread of the coronavirus, they have adopted different approaches when it comes to reopening their economies. For example, Singapore is currently in Phase 2 of its exit strategy from the circuit breaker measures, with most businesses and social activities allowed to resume from June 19. In Malaysia, most economic activity has been resumed with interstate travel permitted from June 10. These are clear indicators that Southeast Asian countries are making a concerted effort to enable their businesses to recover more quickly from the pandemic. 

However, challenges such as cash flow problems persist. Almost 5,000 firms have borrowed S$4.5 billion from government assisted schemes in recent weeks in Singapore, while the Bank of Thailand has provided 500 million baht of soft loans to financial institutions so that they can offer loans to certain small medium businesses (SMBs). If SMBs are to ensure that their path to economic recovery remains smooth, they would need to address all aspects of their business operations and strategy – and that includes shoring up their cybersecurity defenses to reduce the financial impact of data breaches and hacks. 

Number of malicious mining attempts against SMBs blocked by Kaspersky solutions and the country’s ranking based on the share of users almost infected with this malware

“Malicious mining attacks continue to remain as a widely underreported area of cyberthreats to SMBs. In this age where we are well acquainted with the infamous examples of data breaches, it is natural for us to pool our resources together and deal with ransomware and large-scale phishing attacks. However, this is not the case when it comes to cryptomining,” comments Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. 

“As the symptoms and consequences of malicious mining are less obvious and less immediate than ransomware and phishing attacks, it’s easy for SMBs to disregard it as a mere technical issue. However, its aftermath is costly in the long run. The rapid increase of cryptojacking incidents in the region should be a wakeup call for enterprises in all shapes and forms. Cybercriminals are doing this attack because it is profitable, it is high time that we acknowledge this and improve our defenses against it,” he adds.

SIGNS THAT YOU MAY HAVE BEEN COMPROMISED BY CRYPTO-MINING

In essence, some signs that may point towards devices being used for crypto-mining:

  • Substantial increase in electrical consumption and usage of CPU
  • System response will slow; the device’s memory, processor, and graphics adapter are bogged down completing cryptomining tasks.
  • Wasted bandwidth will decrease the speed and efficiency of legitimate computing workloads
  • Batteries will run down much faster than before, and devices may run quite hot.
  • If the device uses a data plan, users will see data usage skyrocket.

TIPS TO SAFEGUARD YOURSELF AGAINST CRYPTO-MINING

To proactively safeguard your business against SMBs, here’s what you should focus on:

  • Enhancing the cybersecurity awareness of your employees is the first step, but a highly critical one for any business that takes cybersecurity seriously. Having them understand basic things like what file/link to open will go a long way in preventing crypto-miners from planting malware on electronic devices. Also, it is worth creating employee and operational control policies that cover aspects of network management and facilities, including password renewal regulations, incident handling, access control rules, protecting sensitive data and more. 
  • Monitor web traffic – frequent queries to domains of popular cryptomining pools are a clear sign that someone is mining at your expense. Ideally, add these domains to your domain block lists for all computers in your network — lists of such domains can be found online. New domains are constantly appearing, so be sure to update the list systematically.
  • Keep track of your server load. If the daily load changes suddenly, that may be a symptom of a malicious miner. Carrying out regular security audits of your corporate network may also be helpful.
  • Ensure that all your software are up to date as soon as they are available so that you are well prepared for the latest cyberthreats. 
  • Implement the right cybersecurity solution for every aspect of your business operations, both hardware and software related. Use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.

If you are already the victim of a crypto mining attack, or are looking to recover, here’s what you can do:

  • Use a strong security solution on all computers and mobile devices, such as Kaspersky Internet Security for Android or Kaspersky Total Security to identify the threat, and enable Default Deny mode where possible.
  • Kill and block website-delivered scripts. Your IT team should note the URL that is the source of the script and update the organization’s web filters to block it immediately. 
  • If a website extension is responsible for infecting the browser, update all the extensions and remove those that are not needed or are infected. 

Tech & Innovation

7 Tips on mitigating cyber risks to your corporate social media in 2023

As many businesses use social media to promote their products and services, these threats are relevant to an extremely large number of companies. To help them stay safe, Kaspersky experts are offering the following advice to mitigate the cyber risks associated with social media in 2023. 

Published

on

Anna Larkina, Web content analysis expert, Kaspersky
and
Roman Dedenok, Spam analysis expert, Kaspersky 

Threats to corporate social media are evolving along with perpetrators’ social engineering skills at a blistering pace. Sometimes their techniques reach such a high level that even the tech-savvy administrator of a corporate network can’t tell the difference between a scam and the truth. 

As many businesses use social media to promote their products and services, these threats are relevant to an extremely large number of companies. To help them stay safe, Kaspersky experts are offering the following advice to mitigate the cyber risks associated with social media in 2023. 

Use caution with direct messages and drafts folder, delete old irrelevant information  

Companies should be careful about keeping sensitive information in direct messages – it can pose cyber risks. 

People often use corporate social media to write directly to brands, asking for help, using the account holder’s product or service. Also, some partnerships, such as those with bloggers, can be negotiated in direct messages. Sometimes personal or financial information is shared during these conversations, which could remain in the messages folder long after the interaction. If there is a breach allowing cyber criminals to gain unauthorized access to the account, sensitive data may be leaked or used to organize an attack.

To avoid this risk, make it a useful habit to delete irrelevant messages when the dialog is finished and the information it contains is no longer relevant. The same applies to posts – It is worth carefully reviewing what is saved in the drafts folder from time to time.

Review old posts to minimize reputational risks  

The power of reputation is growing: every word, action, and decision can either help or harm the company’s image. 

Everything published online is of great importance in terms of cyber security as well: when sensitive information (re)appears in public, it almost always ends up hurting a company’s reputation and could incur financial losses.

To be on the safe side, spend some time reviewing already published posts, as they might contain information that doesn’t fit into the current reality – that might be anything from inappropriate jokes to controversial advertising campaigns.

What was normal yesterday, can cause a negative public reaction today. A review of publications made over the past few years largely reduces related reputational risks.

Be careful posting your success stories 

Having signed a lucrative contract or reached a deal, we want to post it on social media to tell as many people as possible about our success. But we really need to be aware of unwanted cybercriminals’ attention. If a potential attacker knows who your suppliers or contractors are, they could try to conduct an attack impersonating them or breaching their accounts and acting on their behalf. 

Moreover, the clearer you reflect your company’s structure and working methods on social media, the easier it is for perpetrators to organize an attack. For example, if it is possible to trace who is responsible for finance, an attacker can pretend to be this person’s supervisor and try to lure them into urgently transferring a large sum of money to a fake account to “close a deal” or “purchase necessary equipment”. Exercising various social engineering techniques, a perpetrator can convincingly impersonate another person, and a victim would hardly notice the fraud.

Warn newcomers about risks associated with “new job” posts on social media

After getting a new job, newcomers usually share the news on social media, but they do not yet understand how cybersecurity processes are built in this company: for example, how identification works or with whom they can share sensitive information. Therefore, a newcomer is more vulnerable to cyberattacks.

Imagine: a perpetrator tracks this person in social media and collects information about them. Then the criminal writes the new employee a malicious letter on behalf of the company’s IT administrator asking to share the password to set up a technical account.  It is highly likely that a newcomer will share the password because they do not know that the administrators would never write such a letter. Moreover, new employees are usually shy, and they might hesitate to ask their colleagues if the letter is authentic. A tiny little post on social media might turn the employee into an entry point for cybercriminals. 

To mitigate the risk, offer newcomers a course on information security immediately, and tell them to be extremely careful when posting about a new job. 

Control account access (and don’t forget to change the password when an employee leaves) 

Logins, passwords, and access to the email address used to create a social media account are just as valuable as other internal corporate documents. 

If an employee who has access to accounts and authentication data leaves the company, it is useful to apply the same rules as when blocking their access to the corporate network. 

To begin with, change the password for the e-mail account linked to the corporate social network; then unlink the ex-employee’s mobile phone number and check other authentication methods – for example, a spare mailbox.

Do not ignore two-factor authentication 

Any account on a social network, not to mention a corporate one, must be securely protected. Two-factor authentication is an absolutely necessary setting for any type of account.

The email address linked to the account should be as protected as the social media account itself. Often the attack begins with an initial access to email. After breaching an account, an attacker can configure filters in the mailbox settings to delete all support emails from the social network. Therefore, a user will not be able to restore access to their account, because all emails will be deleted automatically. Not to mention that in a stressful situation we won’t be checking which filters are currently configured in our mailbox. 

It is best to register a social media account using a corporate email address. To begin with, it is better protected (assuming the company cares about cybersecurity). Furthermore, in-house security specialists can block access to this mailbox along with all access to the corporate network.

Provide your employees with anti-phishing training 

To mitigate cyber risks in social media networks, it is not enough to protect your company’s account technically, it is equally important to conduct special training for employees on information security, various types of phishing, and other threats.

According to user statistics on the Kaspersky Gamified Assessment Tool, designed to educate workers and to assist managers in measuring their cyber skills, just 11% of nearly 4000 employees demonstrated a high level of cybersecurity awareness in 2022, while 28% could not prove sufficient cybersecurity proficiency.

Attackers use sophisticated methods of social engineering. Even the most advanced representatives of Gen Z can succumb to them. The human factor cannot be reduced to zero, but it can be minimized as much as possible with the help of dedicated training.

Continue Reading

Tech & Innovation

Fear can inspire remote workers to protect IT resources

Basically, the more workers felt that their organization’s resources were their own, the more likely they were to respond in the desired way.

Published

on

Fear of what could go wrong is the greatest motivator when it comes to getting remote workers to protect their employer’s information technology security, according to a recent study in Computers & Security. But it tends to work best when employees also have a solid understanding of the severity of potential security threats, including the knowledge of what to do when the worst happens. 

As millions of people continue to work remotely, the research provides employers with key insights to keep their valuable information safe. 

“Employees need to feel this is a big deal if it happens, so the number one thing employers can do is to clearly communicate what the threats are and how serious they could be,” said Robert Crossler, corresponding author for the study and associate professor in the Carson College of Business at Washington State University. “Because for most people this is not their job. Their job is to make something or sell something, not to make good security choices, even if it is critical for their organization.” 

For the study, the researchers examined and compared two approaches for motivating security compliance behaviors in a changing work environment. 

Protection motivation theory posits that organizations can encourage secure behaviors through fear appeals, threat messages and promoting self-efficacy, or the ability to respond to a particular threat. The practice, which often utilizes surveillance to monitor employee actions, has been used effectively for decades to deter people from engaging in risky behaviors at work and to discourage unhealthy practices such as smoking or having unsafe sex. 

The second approach Crossler and his collaborators examined is stewardship theory. Stewardship theory is a form of reciprocal agreement that tries to motivate the employee’s behavior through a sense of moral responsibility that is not forced. In this approach, management attempts to get the employee to buy into the organization’s overall vision while giving them organizational support to act independently when confronted with a security threat. 

For the analysis, 339 people who worked at companies with IT security policies were recruited to answer a scenario-based survey. The three survey scenarios describe common policy violations that are relevant to remote work situations, such as the use of unauthorized storage devices, logging off a sensitive account when it is not in use and refraining from sharing one’s password with others. 

Each respondent randomly read one of three of the scenarios and then indicated their likelihood to act in a certain way based on various protection motivation and stewardship theory factors. Although working from home would seem to require relying on concepts more consistent with stewardship theory, the study showed that an approach that relied on the fear and threats emphasized in protection motivation theory was far more effective at preventing employees from violating security policy than a strictly stewardship-based approach.

One novel aspect of the study was that Crossler and his collaborators also considered a security approach that integrated factors of the two theories together. 

The researchers found that promoting a sense of collectivism, a concept from stewardship theory that emphasizes the mutual benefits of good behavior for both the employee and the employer, helped increased the efficacy of protection motivation theory-based methods.

“Basically, what we found was that the more workers felt that their organization’s resources were their own, the more likely they were to respond in the desired way,” Crossler said. “Instilling a sense of collectivism in employees is only going to help enhance people’s likelihood of protecting security policies.” 

The study, which was conducted in collaboration with researchers at the University of North Texas and Oklahoma State University, also showed that in some cases, a protection motivation theory approach to IT security would back-fire and result in security misbehaviors. As a result of their analysis, the authors recommend that companies should consider removing or reducing surveillance practices that are a common aspect of protection motivation theory. Where such removal is impracticable, employers should consider providing employees with contextual reasons for performing such monitoring. 

“This is really the first study that brings stewardship theory and protection motivation theory together in the context of IT security for people working from home,” Crossler said. “While stewardship theory did not work as well as protection motivation, our results suggest that managerial decisions informed by a stewardship perspective can help to provide a further understanding of security policy violations that motivates employees to make the right decision.”

Continue Reading

Tech & Innovation

Social media can be a lifesaver for international new ventures

Newly established international firms and start-ups with limited resources can effectively use social media to learn about their new foreign markets and customers in a fast and inexpensive way.

Published

on

The use of social media can be beneficial to international new ventures and help them to survive. This is according to a study – Early Internationalization in the Digital Context: A Capabilities-based Approachfrom the University of Vaasa, Finland, which also showed that newly established international firms and start-ups with limited resources can effectively use social media to learn about their new foreign markets and customers in a fast and inexpensive way.

For any international new venture, acquiring enough foreign market knowledge can be a matter of life and death. According to Emmanuel Kusi Appiah’s doctoral dissertation, an international new venture can use social media, and then employ ambidextrous learning in its knowledge development process. Ambidextrous learning means using two diverse ways of learning: exploratory learning and exploitative learning.

Exploratory learning helps the company to discover new threats and opportunities in its environment. Exploitative learning, on the other hand, utilises the current market information the firm already has.

“A company can use social media for exploitative learning, but also for exploratory learning to survive in foreign markets. The company can also switch between these two approaches,  according to the situation and company strategy. The use of social media has a positive impact on ambidextrous learning,” says Emmanuel Kusi Appiah.

Firms can benefit from social media platforms like LinkedIn and Facebook in their networking efforts. In addition, social media tools such as Buzzsumo, Tagboard and AgoraPulse can provide the necessary knowledge about customers, competitors, and existing and new markets, thereby reducing the difficulties a new firm would otherwise face in foreign markets. Acquiring knowledge is usually more difficult when a firm is new, especially if it is new and foreign.

Ambidextrous learning can help firms to combine new external knowledge with existing knowledge and prevent inefficiency and short-sightedness. It can also help firms to achieve a sustainable competitive advantage.

Emmanuel Kusi Appiah reminds us that applying ambidextrous learning is not straightforward. Entrepreneurs and companies that are planning to move into a new market internationally need to understand the drivers and mechanisms that support ambidexterity. The dissertation provides valuable information regarding this aspect.

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending