If the recent ransomware outbreak tells us something, cybercrimes are exploding through the roof. Having the right tools to prevent malware infection is not enough to keep computers safe. Through human error and social engineering, hackers manage to get around basic security features such as passwords, and steal data.
These human errors we are talking about are victims of phishing and spear phishing emails. Phishing are links and attachments from emails that trick you into clicking them. Spear phishing tricks you into clicking them by sending emails using someone you know.
According to Microsoft, people do become victims to this day with such techniques, and the reason behind this is attackers are trying to make these emails as alluring as possible. Even a click to the link in the email can send you right off a website where malware it uploaded into your system.
Sometimes when you click on a link it will send you to a warning page. The page will inform you Windows has detected that your computer has been hacked and data is currently being stolen, and in order to prevent this, you will need to contact certain people. And for certain, if you do call these people, they will ask you for all sorts of information. This is what social engineering is, hackers trick you into actually giving them information.
Torrent websites host countless files that may or may not contain malware. All torrent sites have a popup window that will attempt to trick users into clicking them. Sometimes, even clicking the “X” marker to close the window will trigger the malware.
With the rise of cybercrimes, Microsoft continues to be one the major IT companies that continue to develop cybersecurity. For organizations, Microsoft recommends: Cyber-hygiene, safer internet practices at workplace and robust internet IT policies.
Microsoft also recommends on conducting security audits: Periodic assessment of threat monitoring, security protocols and IT supply chain. And, to stay vigilant, as sensitive activities such as online banking and Internet transactions should be done on your own device on a trusted network.
It is essential for an organization to train their staff about the dangers of IT and maintain a constant update as cybersecurity and cyber threats is an ever evolving process.
Microsoft recommends buying computers and software from vendors who sell genuine products, and that users must always insist on having genuine software installed into their systems.
According to data from Microsoft Digital Crimes Unit’s Cyber Threat Intelligence Program and the Microsoft Security Intelligence Report Volume 21, the top five cities in the Philippines with the highest malware encounter rate are, in order: Quezon City, Manila, Makati, Talisay, and Mandaluyong.
And the top five malware in the country are: Gamarue, Lodbak, Peals, Ramnit, and Ippedo.
The Gamarue is malware that can steal sensitive information and change PC security settings. Infected removable storages, such as flash drives and portable hard disks, can infect other PCs once plugged in. Peals infects the Windows system to execute commands and steal data on system settings, network configuration, among other things. Ippedo can open back doors in your system to download files and steal data.
The National University of Singapore (NUS Faculty of Engineering has released the results of its new study, “Cybersecurity Risks from Non-Genuine Software,” which found that cybercriminals are compromising computers by embedding malware in pirated software and the online channels that offer them. The study was commissioned by Microsoft.
“The study’s findings all point to the fact that uncontrolled and malicious sources of pirated software, particularly on the Internet are being converted into effective means of spreading malware infections. And what we would like to achieve with this report is to help users recognize that the personal and business risks and financial costs are always much higher than any perceived costs they save from using non-genuine software,” said Associate Professor, Biplab Sikdar, Department of Electrical and Computer Engineering, NUS Faculty of Engineering.
Software piracy is recognized global problem and three in five PCs, in Asia Pacific, were found to be using non-genuine software in 2016. However, using pirated software expore users to a plethora of cyber threats.
“Hackers and organized cybercriminals today are adept at exploiting information technology vulnerabilities and human errors to compromise computers for malicious and financial gains at the expensive of organizations and individuals.
Cybercrime is predicted to cost the global economy an estimated six trillion USD by 2021,” said Keshav Dhakad, Assistant General Council and Regional Director, Digital Crimes Uits (DCU), Microsoft Asia.
“While cybersecurity defenses continue to evolve, users are slow at adapting, whereas cybercriminals are constantly advancing their attack vectors (malware strains) and delivery mechanisms. Piracy of software is increasingly becoming a key vehicle for cybercriminals to exploit computer vulnerabilities and breach security measures with ease.”
The study analyzed 90 new laptops and computers along with 165 CDs and DVDs with pirated software. The samples were randomly purchased from vendors that are known to sell pirated software from across 8 countries in Asia: Malaysia, Thailand, Vietnam, Sri Lanka, Bangladesh, South Korea, and Philippines.
Researchers also examined 203 copies of pirated software downloaded from the Internet. This aligns with the trend where software is increasingly being acquired through online downloads channels. Each of these samples was thoroughly investigated for the presence of malware infections using seven anti-malware engines: AVG, AntiVirus, BitDefender Total Security, IKARUS anti.virus, Kaspersky Anti-Virus, McAfee Total Protection, Norton Security Standard, and Windows Defender.
“Organizations need to recognize that cybersecurity is no longer just a protector of online assets, it is also a critical business enabler. The KPMG 2017 CEO Outlook survey found that a significant proportion of CEOs (71%) saw their investment in cyber as an opportunity to find new revenue streams and innovate, rather than as an overhead cost,” said Daryl Pereira, Head of Cyber Security, KPMG in Singapore.