By Poovenraj Kanagaraj and Sharon Chang
In 2019, Kaspersky products detected 36 million different internet-borne cyberthreats in Malaysia. 41.5 percent of users were attacked by web-borne threats, placing the nation in the 13th place worldwide when it comes to the dangers associated with surfing the web. Fast forward to a coronavirus-stricken 2020, the outbreak that has spread to almost every nation on earth has not just left communities and businesses economically vulnerable, but it has also left many open to attacks from another form of virus. One that has led to an influx of cyber-crime among businesses.
“The extend of such attacks is much wider now, mainly via the internet through devices such as mobile phones, laptops and even home routers. The attack surface has definitely increased,” shares Yeo Siang Tiong, general manager, SEA at Kaspersky. As more internet users increasingly consume Covid-19 related news, increase in cyber-attack occurrences has been observed as well.
According to Siang Tiong, there have been an increase by 45 percent in phishing emails, emails related to Covid-19. “These are emails purporting from WHO, Putrajaya, and even those promising vaccines. They come in all forms,” he told Business Today. So how would we know if we are compromised?
The Kaspersky general manager says, just by observing phishing emails alone, Kaspersky has seen different forms of ingenuine emails. He urges end-users to watch out and to carefully look out for attachments that end with ‘exe’. “Attachments of that sort are strictly not to be opened and even documents can still be as malicious. We have seen emails pretending to be WHO over the course of the pandemic,” he says.
“Pay extra attention to emails promising ‘one time only’ offers or various goods for free. Do not click on links of emails come from unknown people or organization. Look for ‘https’ especially when any personal or financial information is required.”
Prior to the Covid-19 outbreak, Kaspersky detected over 11 million local threats on the computers of Kaspersky Security Network (KSN) participants in the country during the October – December period. Over 31.9 percent of users in the country were almost infected by local threats during the period.
Investing in basic hygiene
“It will not be appropriate if they don’t have the cybersecurity awareness when it comes to investing in basic hygiene,” Siang Tiong says, referring to every business’s need to have sufficient cybersecurity defenses. In relation to budget that a business would need, he says the first line of defense is the person in front of the device. “Awareness doesn’t cost much,” he said. He further highlighted that while basic tools to secure the company against cyber attacks does not cost much, however, as one moves up the hierarchy, the right tools are needed.
“Some companies might not have the capability, hence they can outsource to a company that can do so, which would be able to defray the cost. Security has to be part and parcel of everyone’s presence, and if data is compromised, the business will actually suffer,” he tells Business Today.
According to Siang Tiong, attacks on companies are a daily occurrence but when security is breached, there will have to be a few aspects companies will have to take note. For one, the breach point detected may not be the only breach point as there could be more sophisticated breaches.
The more advanced and persistent attacks are said to be remotely controlled, and the symptoms seen initially may just be the tip of the iceberg. Which calls for the need for proper tools or in some cases, external help is essential. The less serious cases such as ransomware can be sorted out with an encryption key that can be downloaded for free from Kaspersky.
“If your company gets attacked, don’t panic, get help and clean up.”
While video-conferencing is nothing new among businesses, the arrival of the pandemic had contributed to the rise of webinars, video chats and Zoom interviews and in return this also raises the question of security. “Tools are tools, they are there to help you with your day-to-day life and like all software tools, basic hygiene is vital,” Siang Tiong said.
According to Kaspersky, most companies often have a gazetted list of video conferencing tools they can use and it’s a policy Tiang Siong says must be strictly adhered to. After a recent scare that Zoom was comprised, many companies had turned towards other video conferencing tools such as Skype, Google hangouts and Microsoft Teams. Zoom however, quickly turned around and released an updated version with higher security precautions.
“Whether or not your system have been breached, it will block the attack and notify the company, but of course these systems have be kept up-to-date,” Siang Tiong says. He further shares about ethical hackers who are hired to discover bugs and notable vendors out there are constantly on a lookout for daily occurrences.
When it comes to investing, Kaspersky says there is no magic number. Siang Tiong urges companies to invest in people and awareness as well as to procure the right tech. Education, he says is constant when it comes to awareness and as a company grows, the layers of security has to grow alongside.