Connect with us

Strategies

10 Security misperceptions that need to be addressed immediately

The list is based on the experience of Sophos Rapid Response, a team of expert incident responders who deliver fast assistance in identifying and neutralizing active threats such as malware infections, compromised data, or unauthorized access, among others.

Published

on

Photo by Mimi Thian from Unsplash.com

With June marking National ICT Month in the Philippines and the Department of Information and Communications Technology (DICT) adopting the CHIP (Connect, Harness, Innovate, and Protect) framework for digital transformation and underscoring the value of protection,  Sophos compiled   a guide for Filipino businesses so they can avoid  today’s most commonly held security misperceptions.

The list is based on the experience of Sophos Rapid Response, a team of expert incident responders who deliver fast assistance in identifying and neutralizing active threats such as malware infections, compromised data, or unauthorized access, among others.

Misperception 1: We are not a target. We are too small or have no assets of value to an adversary 

Sophos Advice: Many cyberattack victims assume they are too small, in a sector of no interest, or lacking the kind of lucrative assets that would attract an adversary. The truth is, it doesn’t matter. If you have the processing power and a digital presence, you are a target. Despite the media headlines, most attacks are not perpetrated by advanced nation-state attackers. They are launched by opportunists looking for easy prey and low-hanging fruit, such as organizations with security gaps, errors, or misconfigurations that cybercriminals can easily exploit. 

Misperception 2: We don’t need advanced security technologies installed everywhere 

Sophos Advice: Some IT teams still believe that endpoint security software is enough to stop all threats or don’t need security for their servers. Attackers take full advantage of such assumptions. Any mistakes in configuration, patching, or protection make servers a primary target, not a secondary one, as might have been the case in the past.

Based on the incidents that Sophos Rapid Response has investigated, servers are now the number one target for attacks. Attackers can easily find a direct route using stolen access credentials.  Suppose your organization relies only on basic security without more advanced and integrated tools such as behavioral and AI-based detection and a 24/7 human-led security operations center. In that case, intruders will likely find their way past your defenses.

Misperception 3: We have robust security policies in place 

Sophos Advice:  Having security policies for applications and users is critical. However, they need  to be checked and updated constantly as new features and functionality are added to devices connected to the network. Verify and test policies using techniques such as penetration testing, tabletop exercises, and trial runs of disaster recovery plans. 

Misperception 4: Remote Desktop Protocol (RDP) servers can be protected from attackers by changing the ports they are on and introducing multi-factor authentication (MFA) 

Sophos Advice: The standard port used for RDP services is 3389, so most attackers will scan this port to find open remote access servers. However, the scanning will identify any available services, so changing ports offers little or no protection on its own. 

Further, while introducing multi-factor authentication is essential, it won’t enhance security unless all employees and devices enforce it. RDP activity should occur within the protective boundary of a virtual private network (VPN). Still, even that cannot fully protect an organization if the attackers already have a foothold in a network. Ideally, unless its use is essential, IT security should limit or disable RDP internally and externally.

Misperception 5: Blocking IP addresses from high-risk regions such as Russia, China, and North Korea protects us against attacks from those geographies 

Sophos Advice:  Blocking IPs from specific regions is unlikely to do any harm, but it could give a false sense of security if it’s the sole means of protection. Adversaries host their malicious infrastructure in many countries, with hotspots in the US, the Netherlands, and the rest of Europe. 

Misperception 6: Our backups provide immunity from the impact of ransomware 

Sophos Advice: Keeping up-to-date backups of documents is business-critical. However, if your backups are connected to the network, then they are within reach of attackers and vulnerable to being encrypted, deleted, or disabled in a ransomware attack. 

Storing backups in the cloud also needs to be done with care. The standard formula for secure backups to restore data and systems after a ransomware attack is 3:2:1. Three copies of everything, using two different systems, one of which is offline. 

Having offline backups in place won’t protect your information from extortion-based ransomware attacks, where the criminals steal and threaten to publish your data instead of or as well as encrypting it. 

Misperception 7: Our employees understand security 

Sophos Advice: According to the State of Ransomware 2021, 22% of organizations believe they’ll be hit by ransomware in the next 12 months because it’s hard to stop end users from compromising security. 

Social engineering tactics like phishing emails are becoming harder to spot. Messages are often hand-crafted, accurately written, persuasive, and carefully targeted. Your employees need to know how to spot suspicious messages and what to do when they receive one. Who do they notify so that other employees can be alerted? 

Misperception 8: Incident response teams can recover my data after a ransomware attack

Sophos Advice: This is very unlikely. Attackers today make far fewer mistakes, and the encryption process has improved, so relying on responders to find a loophole that can undo the damage is extremely rare. Automatic backups like Windows Volume Shadow Copies are also deleted by most modern ransomware and overwriting the original data stored on disk, making recovery impossible other than paying the ransom. 

Misperception 9: Paying the ransom will get our data back after a ransomware attack 

Sophos Advice: According to the State of Ransomware survey 2021, an organization that pays the ransom recovers on average around two-thirds (65%) of its data.  A mere 8% got back all of their data, and 29% recovered less than half. Paying the ransom even when it seems easier and covered by your cyber-insurance policy is therefore not a straightforward solution to getting your data back. 

Misperception 10: The release of ransomware is the whole attack – if we survive that we’re OK 

Sophos Advice: Unfortunately, this is rarely the case. Ransomware is just the point where the attackers want you to realize they are there and what they have done. 

The adversaries are likely to have been in your network for days if not weeks before releasing the ransomware, exploring, disabling, or deleting backups, finding the machines with high-value information or applications to target for encryption, removing information, and installing additional payloads such as backdoors. Maintaining a presence in the victim’s networks allows attackers to launch a second attack if they want to. 

Strategies

Tips to achieve healthy headspaces for a productive workplace

Eastern Communications, one of the premier telecommunications companies in the Philippines, believes that enterprises need to support their employees to help ensure productivity while mitigating the effects of isolation and uncertainty.

Published

on

The world’s response to COVID-19 has resulted in the most rapid transformation of the workplace. Working remotely is a challenging setup in the quarantine economy, as employees struggle to balance work and personal life. Moreover, uncertainty and isolation during the pandemic have caused various physical and mental health problems among employees. 

Eastern Communications, one of the premier telecommunications companies in the Philippines, believes that enterprises need to support their employees to help ensure productivity while mitigating the effects of isolation and uncertainty. In a recent webinar entitled “Leap Forward” hosted by Eastern Communications, key opinion leaders gathered to discuss ways on how productivity can be boosted in today’s work from home setup. 

Prioritize employee well-being

Cat Trivino, MindNation Chief Marketing Officer, shared that companies that make the well-being of their employees a top priority not only create a healthier workplace but also produce a happier and more productive workforce.

According to Premier Value Provider’s Employee Mental Health survey in 2020, the highest levels of critical stress (31%), anxiety (47%), and depression (46%) were recorded during May 2020 and this was most prevalent among the younger workforce. 

“Normalize conversations around mental health and overall wellbeing, as well as advocate self-care. Seeking help during this time is important because we get to put to practice that empathy that the world so badly needs, and you need to practice that with your team. Make sure that they feel that openness and that trust to talk about these things,” she added.

A mentally healthy workforce in general will not only improve productivity but also boost employee morale and retention. 

Utilize digital tools for seamless and easy collaboration

Part of helping employees when it comes to their well-being is also giving them convenient yet efficient ways to collaborate while working from home. According to Diana Montes, Eastern Communications’ Strategic Manager, facilitating seamless communication and easy collaboration in the workplace can decrease stress levels.

Based on her experience, integrated tools like cloud-based solutions help in the effectiveness and well-being of a workforce. They also maximize the use of these collaboration apps by staying connected even for non-work-related activities.

“Here at Eastern, we’re quite grateful that even before the pandemic hit, our systems for productivity and collaboration were readily in place. So essentially, we just transferred physical meetings, discussions, and consultations virtually,” she said.

Montes also recommends using a project management tool or planner app to monitor the progress and overall productivity of the entire team on a certain project. Everyone involved has visibility and this way they can prioritize projects that need more assistance.  

“I also receive reports about the amount of time I spend using these collaboration tools and it gives me a notion of when to take on more work or slow down. This helps very much since like I said, sometimes we just lose sight of how much work we’ve already been doing at a particular period,” she added. 

The pandemic has highlighted the importance of developing an overall strategy that puts employees’ well-being first. Through Eastern Communications’ Leap Forward series, businesses are able to learn digital solutions and strategies from experts that will ensure business continuity while supporting the health and morale of the team.

Continue Reading

Strategies

In a negotiation, how tough should your first offer be?

New research shows the first offer can have a significant impact on the eventual outcome, and if you try to drive too hard a bargain, it could backfire.

Published

on

Photo by @chromatograph from Unsplash.com

In a negotiation, how tough should your first offer be? New research shows the first offer can have a significant impact on the eventual outcome, and if you try to drive too hard a bargain, it could backfire.

Whether you’re buying a house, a car, or second-hand furniture, it’s likely you will need to negotiate the price, so being able to negotiate effectively could save you significant cash.

Behavioral economist Professor Lionel Page from the University of Technology Sydney (UTS) said opening offers in real-world negotiations are sometimes intended to signal the “toughness” of the buyer – but whether this strategy actually works was not known.

“This experiment allowed us to study whether and how the level of the opening offer influences the beliefs of buyers and sellers, their actions and the final bargaining outcome,” said Professor Page.

The researchers conducted the experiment using a bargaining game where players exchanged offers for a split of $10. The aim was to mimic the start of a typical negotiation process.

They found that the success or failure of a negotiation depended not only on the final offer on the table but also on the emerging dynamics of the bargaining process.

“The intermediary offers made during a negotiation can be interpreted as suggesting either kind and compromising intentions, or unkind and uncompromising ones,” said Professor Page.

“And the perception of these intentions can, in turn, influence the final outcome. Low offers are perceived as disrespectful, so players react negatively and can be spiteful in their counter-offers.

“In a substantial number of cases, the responder chose a ‘‘punishing’’ counter-offer that was lower than what he believed was the buyer’s minimum acceptable amount,” he said.

This means it is not the best strategy to always be as tough as possible in a negotiation.

Previously there has been two conflicting views on first offers in negotiations, said Professor Page.

One view is that a low opening offer works as an “anchor” that moves the final offer in the direction of the first offer.

The second is that a more reasonable initial offer achieves a better outcome because it doesn’t sour the atmosphere and endanger the agreement.

Professor Page said their study showed support for both these ideas.

“We found that there is a small window where an offer is lower than an equal split, but not so low that it triggers negative emotions. It was viewed as ‘fair game’ to start the negotiation at this point.”

So in summary to strike a good bargain your opening offer needs to be not too hard, or you risk a spiteful counter-offer, but not too soft either, or you might be taken for a ride.

The study: Driving a hard bargain is a balancing act: how social preferences constrain the negotiation process, by Professor Lionel Page and Dr Yola Engler was recently published in the journal Theory and Decision.

Continue Reading

Strategies

5 Practical ways to keep your finances safer online

Kaspersky’s fresh data for Q2 2021 showed a 60% increase in mobile banking Trojan attacks blocked in the region versus same period last year.

Published

on

Photo by Blake Wisz from Unsplash.com

Kaspersky reveals its Q2 2021 mobile threat report for Southeast Asia (SEA) where it has monitored a 60% uptick in the number of attacks using malicious mobile bankers detected and blocked in the region. 

Mobile banking Trojans – or bankers – are used by cybercriminals to steal funds directly from mobile bank accounts. These malicious programs typically look like legitimate financial apps, but when a victim enters their security credentials to try to access their bank account, the attackers gain access to that private information.

Overall, since the beginning of 2021, Kaspersky products have foiled 708 incidents across six countries in SEA. This is already 50% of the total number of mobile bankers blocked in 2020 which was 1,408.

Indonesia and Vietnam logged the most number of incidents during the first half of the year. However, globally, the two countries are not among the top 10 countries affected by this threat. Vietnam is only 27th and Indonesia is 31st as of June this year.

The five countries with the most number of mobile banking Trojan detections in Q2 2021 are Russia, Japan, Turkey, Germany, and France.

*Mobile banking Trojans attacks detected from users of Kaspersky mobile security solutions in the country

While the number of mobile banking Trojan attacks in SEA remains low, 367 incidents from April to June 2021 versus 230 detections during the same period last year, the continuing pandemic continues to force users to start using mobile payment systems.

“We are almost at the second year of the pandemic which has fast tracked the mobile payment adoption in the region at a breakneck speed. During the beginning of this health crisis, our survey already showed that the majority of internet users here have shifted finance-related activities online, like shopping (64%) and banking (47%),” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

The same survey revealed that seven in 10 (69%) are worried about conducting financial transactions online and 42% of the respondents admitted to being afraid about someone accessing their financial details through their devices.

In addition, another Kaspersky report titled “Making Sense of Our Place in the Digital Reputation Economy” discovered that the majority (76%) of 861 respondents from SEA confirmed their intent to keep their money-related data away from the internet. The sentiment is highest among Baby Boomers (85%), followed by Gen X (81%), and Millennials (75%).

“Clearly, there is an awareness about the threats present when we do banking and payment transactions through our mobile phones. But there is still a gap between knowing and acting on it. So to help users from SEA embrace the power of their smartphone and also keep their finances safe, we suggest some practical tips but also encourage everyone to please look into using security solutions as a safety net in case they accidentally clicked a malicious link or downloaded a rogue mobile banking application,” adds Yeo.

Here are some practical tips from Kaspersky which you can do to beef up your money’s safety online:

1. Get a temporary credit card

Cyber criminals have developed incredibly sophisticated techniques and malware that can sometimes thwart your best efforts for safe online shopping. As another level of security for safe online shopping, you can use a temporary credit card to make online purchases, in lieu of your regular credit card. Ask your credit card company if you can be issued a temporary credit card number.

Just remember to avoid using these types of credit cards for any purchases that require auto-renewal or regular payments.

If a temporary credit card is not possible, an alternative is to use a credit card with a low credit limit.

2. Dedicate a computer to online banking and shopping

If you have more than one computer, it may be wise to dedicate one for online banking and shopping only. By avoiding using the computer for any other Internet browsing, downloading, checking email, social networking, and other online activities, you effectively create a ‘clean’ computer that is totally free of computer viruses and any other infections. For added security for safe online shopping, install Google Chrome, with forced HTTPS. This ensures you are visiting only secure websites.

3. Use a dedicated email address

Create an email address that you will use only for online shopping. This will severely limit the amount of spam messages you receive and significantly reduce the risk of opening potentially malicious emails that are disguised as sales promotions or other notifications.

4. Manage and protect your online passwords

Using strong passwords and using a different password for each online account is one of the most important things you can do for safe online shopping. We know it can be difficult to remember so many different passwords, especially when they are composed of numerous letters, numbers, and special characters. But you can use a password manager to aid you in keeping strong passwords for multiple accounts.

5. Use a VPN

If you absolutely must shop online while using public Wi-Fi, first install a VPN (virtual private network). A VPN will encrypt all data that is transferred between your computer or mobile device and the VPN server, preventing hackers from hijacking and viewing any sensitive data you input.

In the Philippines, Kaspersky endpoint solutions like Kaspersky Total Security (KTS) that have a password manager and  VPN features is currently included in its 9.9 promos in Shopee and Lazada.  Filipino customers can enjoy up to 50% discount.

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending