Connect with us

Tech & Innovation

ABC’s of protecting SMBs in SEA against malicious mining

As the symptoms and consequences of malicious mining are less obvious and less immediate than ransomware and phishing attacks, it’s easy for SMBs to disregard it as a mere technical issue. However, its aftermath is costly in the long run.

Published

on

Across Southeast Asia, the COVID-19 pandemic has seen businesses and governments attempt to mitigate the financial impact of this unprecedented public health crisis. Southeast Asian economies are taking a huge hit in the global economic crisis, with 64% of respondents from a recent regional survey conducted by Ernest & Young expecting a slower recovery extending into 2021. 

While countries continue to experience different levels of success with containing the spread of the coronavirus, they have adopted different approaches when it comes to reopening their economies. For example, Singapore is currently in Phase 2 of its exit strategy from the circuit breaker measures, with most businesses and social activities allowed to resume from June 19. In Malaysia, most economic activity has been resumed with interstate travel permitted from June 10. These are clear indicators that Southeast Asian countries are making a concerted effort to enable their businesses to recover more quickly from the pandemic. 

However, challenges such as cash flow problems persist. Almost 5,000 firms have borrowed S$4.5 billion from government assisted schemes in recent weeks in Singapore, while the Bank of Thailand has provided 500 million baht of soft loans to financial institutions so that they can offer loans to certain small medium businesses (SMBs). If SMBs are to ensure that their path to economic recovery remains smooth, they would need to address all aspects of their business operations and strategy – and that includes shoring up their cybersecurity defenses to reduce the financial impact of data breaches and hacks. 

Number of malicious mining attempts against SMBs blocked by Kaspersky solutions and the country’s ranking based on the share of users almost infected with this malware

“Malicious mining attacks continue to remain as a widely underreported area of cyberthreats to SMBs. In this age where we are well acquainted with the infamous examples of data breaches, it is natural for us to pool our resources together and deal with ransomware and large-scale phishing attacks. However, this is not the case when it comes to cryptomining,” comments Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. 

“As the symptoms and consequences of malicious mining are less obvious and less immediate than ransomware and phishing attacks, it’s easy for SMBs to disregard it as a mere technical issue. However, its aftermath is costly in the long run. The rapid increase of cryptojacking incidents in the region should be a wakeup call for enterprises in all shapes and forms. Cybercriminals are doing this attack because it is profitable, it is high time that we acknowledge this and improve our defenses against it,” he adds.

SIGNS THAT YOU MAY HAVE BEEN COMPROMISED BY CRYPTO-MINING

In essence, some signs that may point towards devices being used for crypto-mining:

  • Substantial increase in electrical consumption and usage of CPU
  • System response will slow; the device’s memory, processor, and graphics adapter are bogged down completing cryptomining tasks.
  • Wasted bandwidth will decrease the speed and efficiency of legitimate computing workloads
  • Batteries will run down much faster than before, and devices may run quite hot.
  • If the device uses a data plan, users will see data usage skyrocket.

TIPS TO SAFEGUARD YOURSELF AGAINST CRYPTO-MINING

To proactively safeguard your business against SMBs, here’s what you should focus on:

  • Enhancing the cybersecurity awareness of your employees is the first step, but a highly critical one for any business that takes cybersecurity seriously. Having them understand basic things like what file/link to open will go a long way in preventing crypto-miners from planting malware on electronic devices. Also, it is worth creating employee and operational control policies that cover aspects of network management and facilities, including password renewal regulations, incident handling, access control rules, protecting sensitive data and more. 
  • Monitor web traffic – frequent queries to domains of popular cryptomining pools are a clear sign that someone is mining at your expense. Ideally, add these domains to your domain block lists for all computers in your network — lists of such domains can be found online. New domains are constantly appearing, so be sure to update the list systematically.
  • Keep track of your server load. If the daily load changes suddenly, that may be a symptom of a malicious miner. Carrying out regular security audits of your corporate network may also be helpful.
  • Ensure that all your software are up to date as soon as they are available so that you are well prepared for the latest cyberthreats. 
  • Implement the right cybersecurity solution for every aspect of your business operations, both hardware and software related. Use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.

If you are already the victim of a crypto mining attack, or are looking to recover, here’s what you can do:

  • Use a strong security solution on all computers and mobile devices, such as Kaspersky Internet Security for Android or Kaspersky Total Security to identify the threat, and enable Default Deny mode where possible.
  • Kill and block website-delivered scripts. Your IT team should note the URL that is the source of the script and update the organization’s web filters to block it immediately. 
  • If a website extension is responsible for infecting the browser, update all the extensions and remove those that are not needed or are infected. 

Tech & Innovation

Why website security is important for business continuity

Beyond establishing a digital presence and e-commerce store, entrepreneurs should also take steps to ensure their websites are protected from cyber threats.

Published

on

The past year saw businesses of all sizes shift to the online marketplace. And with the continued need to shelter in place due to the pandemic, digital-based transactions are expected to continue to rise in the future. 

As more entrepreneurs expand their online operations, the more they need to take website security seriously. According to the Department of Trade and Industry, with the rise of digitalization, cybersecurity and data privacy remain a challenge especially for small businesses. 

“As more Filipinos shop online, businesses of all sizes need to ensure their websites are protected to help maintain customer trust and credibility for online transactions. In addition, addressing security protection for your online presence can help to ensure that your business website is not impacted and available for your customers to make their purchases,” said Norman Barrientos, Director of Marketing for Southeast Asia of GoDaddy, the company that empowers everyday entrepreneurs worldwide. 


Securing your business website is crucial in maintaining operational continuity and customer loyalty. GoDaddy shares the following ways to help secure your website. 

Install an SSL Certificate

The basic protection your website can have is an SSL Certificate–which automatically creates a secure, encrypted connection with the browser of those who visit your site. What this means is that personal information passing to and from your website is further protected from data hacking.

Aside from security protections, having an SSL Certificate installed on your website can affect the discoverability of the website in search results.  Search engines like Google rank websites with SSL Certificates higher in search results listings. Web browsers also flag websites without an SSL Certificate as “not secure.” Business credibility can immediately come into question with potential customers who log on to your website, with the intent to do business with your company. GoDaddy offers a variety of SSL certificate plans.

Consider More Protection as Your Website Grows

Aside from installing an SSL Certificate on a website, additional protections such as a web application firewall (WAF) that intercepts incoming malicious code for security threats, and a malware scanner that alerts you if there is any bad content or code on your website and helps to start to address the issue, are crucial additional website protections to consider. Having these security protections in place can also help your website load faster. 

GoDaddy, offers Website Security services which includes a bundle of tools that helps to protect your website, as well as includes continuous website monitoring and a back-up function that allows you to restore your entire website in a single click. 

Conduct regular website Back- Ups 

As you continually edit and update your website, it’s important that your files, including photos, and the overall layout of your website are safely backed up. This allows you to restore your website should any problems occur. 

Today, tools that help keep website files more protected, like GoDaddy Website Backup, automatically take stock of changes in your website and secure them in the cloud. This helps protect your website against cyberthreats, with easy restoration which can help to limit downtime for your business. 

From domains to creating your own business website, GoDaddy is the one-stop shop for everything you need to create a strong online presence. Find out more about GoDaddy’s website security tools by logging on to www.GoDaddy.com.

Continue Reading

Strategies

5 Practical ways to keep your finances safer online

Kaspersky’s fresh data for Q2 2021 showed a 60% increase in mobile banking Trojan attacks blocked in the region versus same period last year.

Published

on

Photo by Blake Wisz from Unsplash.com

Kaspersky reveals its Q2 2021 mobile threat report for Southeast Asia (SEA) where it has monitored a 60% uptick in the number of attacks using malicious mobile bankers detected and blocked in the region. 

Mobile banking Trojans – or bankers – are used by cybercriminals to steal funds directly from mobile bank accounts. These malicious programs typically look like legitimate financial apps, but when a victim enters their security credentials to try to access their bank account, the attackers gain access to that private information.

Overall, since the beginning of 2021, Kaspersky products have foiled 708 incidents across six countries in SEA. This is already 50% of the total number of mobile bankers blocked in 2020 which was 1,408.

Indonesia and Vietnam logged the most number of incidents during the first half of the year. However, globally, the two countries are not among the top 10 countries affected by this threat. Vietnam is only 27th and Indonesia is 31st as of June this year.

The five countries with the most number of mobile banking Trojan detections in Q2 2021 are Russia, Japan, Turkey, Germany, and France.

*Mobile banking Trojans attacks detected from users of Kaspersky mobile security solutions in the country

While the number of mobile banking Trojan attacks in SEA remains low, 367 incidents from April to June 2021 versus 230 detections during the same period last year, the continuing pandemic continues to force users to start using mobile payment systems.

“We are almost at the second year of the pandemic which has fast tracked the mobile payment adoption in the region at a breakneck speed. During the beginning of this health crisis, our survey already showed that the majority of internet users here have shifted finance-related activities online, like shopping (64%) and banking (47%),” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

The same survey revealed that seven in 10 (69%) are worried about conducting financial transactions online and 42% of the respondents admitted to being afraid about someone accessing their financial details through their devices.

In addition, another Kaspersky report titled “Making Sense of Our Place in the Digital Reputation Economy” discovered that the majority (76%) of 861 respondents from SEA confirmed their intent to keep their money-related data away from the internet. The sentiment is highest among Baby Boomers (85%), followed by Gen X (81%), and Millennials (75%).

“Clearly, there is an awareness about the threats present when we do banking and payment transactions through our mobile phones. But there is still a gap between knowing and acting on it. So to help users from SEA embrace the power of their smartphone and also keep their finances safe, we suggest some practical tips but also encourage everyone to please look into using security solutions as a safety net in case they accidentally clicked a malicious link or downloaded a rogue mobile banking application,” adds Yeo.

Here are some practical tips from Kaspersky which you can do to beef up your money’s safety online:

1. Get a temporary credit card

Cyber criminals have developed incredibly sophisticated techniques and malware that can sometimes thwart your best efforts for safe online shopping. As another level of security for safe online shopping, you can use a temporary credit card to make online purchases, in lieu of your regular credit card. Ask your credit card company if you can be issued a temporary credit card number.

Just remember to avoid using these types of credit cards for any purchases that require auto-renewal or regular payments.

If a temporary credit card is not possible, an alternative is to use a credit card with a low credit limit.

2. Dedicate a computer to online banking and shopping

If you have more than one computer, it may be wise to dedicate one for online banking and shopping only. By avoiding using the computer for any other Internet browsing, downloading, checking email, social networking, and other online activities, you effectively create a ‘clean’ computer that is totally free of computer viruses and any other infections. For added security for safe online shopping, install Google Chrome, with forced HTTPS. This ensures you are visiting only secure websites.

3. Use a dedicated email address

Create an email address that you will use only for online shopping. This will severely limit the amount of spam messages you receive and significantly reduce the risk of opening potentially malicious emails that are disguised as sales promotions or other notifications.

4. Manage and protect your online passwords

Using strong passwords and using a different password for each online account is one of the most important things you can do for safe online shopping. We know it can be difficult to remember so many different passwords, especially when they are composed of numerous letters, numbers, and special characters. But you can use a password manager to aid you in keeping strong passwords for multiple accounts.

5. Use a VPN

If you absolutely must shop online while using public Wi-Fi, first install a VPN (virtual private network). A VPN will encrypt all data that is transferred between your computer or mobile device and the VPN server, preventing hackers from hijacking and viewing any sensitive data you input.

In the Philippines, Kaspersky endpoint solutions like Kaspersky Total Security (KTS) that have a password manager and  VPN features is currently included in its 9.9 promos in Shopee and Lazada.  Filipino customers can enjoy up to 50% discount.

Continue Reading

Tech & Innovation

3 Things Canon introduced to improve your digital life

Whether for work or play, everyone can now enjoy a wide range of options from Canon, each one designed to fit today’s demanding digital needs. From cameras and projectors that will elevate your next digital project to innovative software that will simplify your ways of working, Canon has a solution for you. 

Published

on

“At Canon, we take pride in being an all-in-one solution provider, catering to the different needs of our customers. We are driven to continuously create and innovate, and at times like this, we pivot to adjust when customer needs change. It is our commitment to innovation that allows us to continuously delight people with products and services that fit their business or lifestyle,” said Kazuhiro Ozawa, Canon Marketing (Philippines), Inc., President & CEO. 

Expanding Creativity and Staying Connected with High Quality Video  

In this digital normal, livestreaming, virtual meetings, classes, and even social occasions like e-weddings, have become essential in everyday life. With the entire world streaming, it is important to have high quality videos that allow for people to stay connected and creative. That is why Canon has developed the EOS Webcam Utility, a free and easy-to-use feature on Canon cameras that turns your camera into a webcam. Take beautifully crisp, in-focus videos while on calls, or opt to defocus a distracting background with a natural and bandwidth-friendly bokeh. 

You can use the EOS Webcam Utility with the full-frame Canon EOS RP. The EOS R system, Canon’s celebrated range of mirrorless cameras, is built for creators who demand the power and performance of a full-frame sensor with the ergonomics of a mirrorless camera. With Canon EOS RP, get a better broadcast experience for your virtual audiences with 4K 30p video resolution, a fun, vari-angle screen, and the reliable EV-5 focus feature that keeps the subject crisp without the need for external light.

Aside from EOS RP, Canon’s PowerShot G7X Mark III is a favorite among many vloggers. The top-of-the-line compact camera captures 4K video without crop, at an improved ISO sensitivity range of 125 – 12,800 and can continuously shoot up to 30 frames per second during RAW Burst Mode.Designed for today’s digital nomads, the camera supports a direct, wireless, and for a mobile-first experience for your audience, vertical content sharing to popular social media sites like Instagram, Tiktok, and Faceboook, as well as livestreaming to YouTube.  

An optimized Business Solution for the new normal 

Beyond consumer products, Canon advocates for making business as simple as possible. With Therefore, business owners and their employees don’t need to manually rummage through physical files because the solution serves as an organized, centralized data bank with highly customizable security access options. Companies large and small can now smartly store any kind of file, such as income statements, receipts, employee files, or even photos, in Therefore™ and conveniently find it in a few clicks from anywhere in the world, even their own living room. Click here for more information. 

Lifestyle Solution for Fun, Entertainment, and Work 

Movies and presentations can now be viewed with utmost flexibility with Canon’s pocket projector.  The compact and lightweight MP250 lasts up to 2 hours of operation, projects up to 93″ wide at up to 250 lumens brightness. 

The MP250 is ready to work with any laptop thanks to its embedded media and document viewer and HDMI and USB ports. For those who can’t be bothered with a laptop, the mini projector can also support wireless content sharing from Android OS devices or direct playback from a USB flash drive. 

Whether for work or play, everyone can now enjoy a wide range of options from Canon, each one designed to fit today’s demanding digital needs. From cameras and projectors that will elevate your next digital project to innovative software that will simplify your ways of working, Canon has a solution for you. 

Follow Canon Philippines (@canonphils) on Facebook and Instagram for all the latest news and updates. 

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending