Story image

ESET: Cybersecurity is everyone's fight against dangerous criminals

06 Oct 2017

Next week marks the start of the Australian Government’s Stay Smart Online week, which aims to raise awareness about cybersecurity best practices and how individuals can protect themselves online.

The initiative was started in 2008 as a collaborative effort between government, external agencies, industry bodies and SMEs.

Security firm ESET is also taking the opportunity to reiterate the importance of online vigilance.

“Raising awareness in this industry has never been more important. A quick look at the events of the past couple of months reveals much about the current state of cybersecurity,” comments ESET senior research fellow Nick FitzGerald.

“Attacks such as WannaCryptor.D (aka WannaCry) and Diskcoder.C (aka ExPetr, PetrWrap, Petya, NotPetya), set disturbing new high-water marks for the number of users and companies around the world whose data was maliciously encrypted in one campaign. This marks 2017 as the year of locked and lost data.”

The company believes that comprehensive endpoint software is the first step in securing machines. Antivirus is not enough and extra layers are needed.  Just because machines may be file servers and has a firewall, it does not exempt them from needing additional protection.

ESET offers three key areas for ensuring strong security:

Reliable backup: Planning well in advance by backing up your systems at regular intervals is crucial. Keep at least one such backup on offline storage at all times to protect your most recent data from an attack and consider having backup storage securely placed outside of your home or office.

Make sure you always back up data, and regularly check that your backup systems are working properly by ensuring you can reliably restore data from them. This will not prevent any kind of malware attack, whether it is ransomware or not, but it is necessary as an overall safety measure, as following a natural disaster, fire or theft, backups will likely be the only place from which you will be able to restore important data.

Ensure digital devices are up to date: Patches and system software updates can be difficult to deploy across an entire company’s network. However, investing time in ensuring your software is up-to-date will save you in the long run. Those depending on managed service providers should check what system update policies are applied to their systems and carefully consider their applicability.

Individuals should double-check that automatic updates are enabled. This advice applies equally to non-Windows devices too, despite popular misconceptions, iOS is in fact vulnerable to cyberattacks. Apple’s systems, most smart phones, tablets, and some other “smart” devices, have automatic update functionality which should either be enabled, or managed through corporate network management systems.

Employ safe password practices: Data breaches of online systems are becoming increasingly common, and with end-users having little influence on the management of such systems, user account details (and worse) can be exposed. All you can do to improve login account security is to practice safe password habits.

Always create strong passwords, preferably by using a long passphrase. Never use the same password on two or more sites and wherever possible, enable two-factor or multi-factor authentication options. If it is onerous to remember all those different passwords, using a password manager is a great option.

Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Aussies too lax about IoT security - McAfee
Aussie consumers are at a loss when it comes to securing the increasing number of connected devices in their homes and are often opting to take no action at all.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres