Most common cyber threats

Ransomware

Ransomware is a type of malware that locks users from accessing their data in their computer or any mobile device. To unlock their data, the users must pay a certain amount of ransom, this is mainly done by the payment method which uses Bitcoin. Although paying is an option in recovering your data, it is recommended not to pay because we cannot guarantee the promise of the attackers.

How to defend:

• Comprehensive awareness training to avoid phishing emails.
• Disabling hidden file extensions.
• Disable macro scripts.
• Block AppData/Local AppData
• Keep backups of your important data

Adware

Adware are programs that are specifically designed to advertise programs on your computer and direct you to advertising websites and they are also designed to collect information about your personal preferences or the searching patterns, so they can target more advertisements to your device while you surf the Internet. It is important to remember that Adware collects information with your consent and if you come across malware without your consent it is categorized as a malicious program.

Adware can get into your computer in mainly two ways they are:

• Through shareware or freeware programs.
• Infected Websites can result in an unauthorized installation of adware.

You cannot uninstall Adware. If you sense a presence of Adware in your computer, you can simply use anti-virus software and then remove it.

Rootkits

A rootkit is a program that will provide privileged access to a computer while hiding the fact that they are present. Rootkit contains the combination of a set of malware such as virus, worm, and Trojan.

When a rootkit is installed, a user can remotely access the system and change the system configuration of it. A rootkit on an affected computer can also access the log files and spy on the infected computer owner's data.

It is difficult to detect a rootkit and there is no commercial software available to detect them. You can protect the system by patching the OS and updating the anti-virus guard. Don't accept files or open email file attachments from suspicious sources. Be careful when installing software and carefully read the end-user license agreements.

Spyware

Spyware is a malicious program installed on a user’s computer without the knowledge of the user to collect personal information about the user such as identity and payment. This software is known as tracking software.

Phishing

Phishing attacks are the chief vector for malware attacks and are usually contained a malicious e-mail attachment or an email with a rooted, malicious link. Phishing emails classically falsely claim to be a recognized or legitimate enterprise.

Drive-by download

The “Drive-by download” is a package that routinely copied and installed to user PC without his consent or even users’ knowledge. These are caused simply by a victim clicking a link which, unintentionally to them, inject malicious software (Trojans) on to their PCs.

Most common threats faced by users when using mobile devices

Data loss from lost or stolen devices

The information obtained through a mobile device that has been stolen or lost has immediate drastic results. If the victim has weak password access, no passwords, and little or no encryption, it can lead to data leakage on the devices.

Data misuse from sold devices

Users should never sell or discard devices without understanding the risk to their data. Some data on devices of the previous user can be recovered. The threat level from data loss is high.

Information-stealing malware

Android users can easily download and install apps from third-party marketplaces other than Google’s official “Play Store” which can result in malware containing applications to steal data from the host device.

Unsecured Wi-Fi and network access

Free Wi-Fi has increased over the last few years, increased access to public Wi-Fi, along with increased use of mobile devices, creates a high chance for illegal interception of data.

NFC and proximity-based hacking

Near-field communication (NFC) allows mobile devices to communicate with other mobile devices by using short-range wireless technology. Due to the valuable information being transmitted such as contact information, this is likely to be a target of attackers in the future.

Tips to be secure in cyberspace

Password policy

Choose a strong password

Passwords help you to protect the privacy and identity. The strength of a password is the most important factor. If your password is stolen or guessed someone can log in to the account. It could cause huge problems damaging your reputation or financials.

For a stronger password, use a combination of upper and lower-case characters, numbers, and special characters such as *, $, £, etc., A strong password should usually have at least 8 characters and these can be a combination of the characters mentioned above. Following are a few examples of weak passwords and tips on how you could build a stronger password.

Examples of weak passwords: saman123, samanKV5510, 0771234567

Updating the password

You need to update the password on a regular basis. It is recommended to do this once every three months.

Keep your password safe

• Use a Strong password.
• Never tell anyone the password or give a hint about it.
• Choose a password which you can remember easily, do not write it down anywhere.
• There could be requests from web browsers or websites to “remember” the password. Do not accept these requests.
• Use different passwords for different accounts.

Identify Secure Websites

Before entering sensitive information such as credit card details or passwords on a website, ensure that the link is secured.

• If it is a secured connection, there should be a "padlock" in the address bar.
• The web address should begin with https://. The 's' stands for "SECURE".

Cookies

• Cookies are files on a computer, tablet or smartphone that websites used to store information about the user between the sessions.
• Configure the browser to warn the user when a cookie is installed.
• Use an anti-spyware program that can scan cookies called "tracker cookies".

Avoid Social engineering attacks

• Never open email attachments from unknown sources.
• Never click on links in emails received from unknown sources.
• If you receive a telephone call requesting confidential data, verify the callers’ identity.
• Do not insert external storage devices into computers, if the source of the media is unknown.

Avoiding data loss

• Regularly back-up of your personal files. It will help in case your computer is crashed or stolen.
• Configure access levels (as who can access and what data can be accessed).

Other prevention methods

Web protection.

Email protection.

Managed online backup.

Mobile device management.

Password manager.

• Remove admin right for those who do not need it.
• Frequently patch the operating systems and application.
• Invest in solutions such as:
• Install genuine antivirus
• Install real-time anti-spyware protection
• Keep anti-malware applications current
• Perform daily scans
• Disable auto run
• Disable image previews in Outlook
• Don't click on unknown email links or attachments
• Surf smart
• Use a hardware-based firewall
• Lock the computer when you go away
• Use anti-virus software
• Remember to logout when you access your email, social media accounts from a public place

How to avoid mobile device threats

• Enable a passcode
• Enable fingerprint lock if possible
• Turn off Wi-Fi and Bluetooth when user not in use
• Turn off location services of apps
• Keep your system updated
• Enable find my device feature (iPhone/Android phones) if possible
• Avoid downloading/using untrusted third-party apps and check permissions before installing apps
• Avoid texting or emailing private information
• Install mobile security apps
• Always log out from Banking, Shopping or any other social media sites
• Ensure that the text messages are correct and coming from the correct domain, look for obvious spelling and grammar mistakes, and call the appropriate company if the text messages seems strange or unwanted.

Security controls for email and social media accounts

There are various privacy and security controls offered by email and social media services. Social media services such as Facebook, Twitter, LinkedIn, and Email services such as Gmail, Yahoo, Hotmail, etc.

Using passwords is fundamental in securing your social media or email accounts. In addition, you could use a mechanism known as “Two-way authentication/Two-step Verification”. Some websites provide this service to their users and this is how it works.

If you are in the habit of frequently using Internet cafés, computer laboratories in schools/universities etc., it is advisable to use the above-mentioned protection mechanisms to stay safe online. When leaving such places, make sure to log out of your accounts and change the passwords as soon as you get to a safe network.

Securing email accounts

If the email contains any links don’t click. Copy and paste it on the browser and check whether the secure HTTP header (“https”) is there. Some Web browsers display a ‘lock icon’ or ‘the padlock’ when you are on a secure web site (See example below).

1. Be vigilant when you receive messages via emails or websites requesting information about your account details or passwords. It can be a phishing mail to collect your personal information. Only provide the requested information if you can verify that it came from a trusted party.
2. Always check the sender’s email address very carefully before taking any actions based on the email content. Mere checking of the display name of the sender is NOT sufficient.
3. Using a strong password which will not be able to predict by another person
4. Use numbers, upper case characters, special characters such as $, @, _, / when Creating the password.
5. Do not include your name, contact numbers, NIC, or common words as the password.
6. At least there should be 8 characters in the password.
7. Remember not to disclose the password to others.
8. Use two-factor authentication so that whenever your login to your email you will get a message to your mobile contact or to the email address.
9. Be proactive in protecting your privacy. Never send your personal details (name, address, telephone number, NIC (National Identity Card) number, driving license number, family members’ details, or passport number) to individuals that you do not know personally.
10. Make maximum use of the privacy settings provided by the Email websites. When uploading or publishing pictures or personal information on social media, make sure that such information can only be seen by the friends/people you trust.
11. Think twice when clicking links or URLs received via emails. For instance, if the email claims to be from your bank, call the bank first to verify that they have sent you the said email.
12. If anyone tries to violate your privacy or to destroy your online reputation, never hesitate to report such instances to relevant authorities (e.g. CERT {Computer Emergency Readiness Team}) or block/deactivate such accounts if they belong to you.
13. Don't fall for online scams such as winning fake lotteries or appeals for money claiming to be from legitimate organizations.
14. Never expose your password to anyone. Never write it down on post-it notes or on your desk calendar at work where others can easily see it.