
Interview: Password Hygiene & Staying Secure with Trend Micro

This is a transcribed interview with Sage Khor, Presales Technical Manager at Trend Micro. It is intended as a companion to our editorial “How Your Bad Password Hygiene is Putting Everything At Risk At Home and At Work”.

Password hygiene has become an increasingly popular topic among cybersecurity experts and IT managers, especially in light of the marked increase in data breaches occurring on a daily basis. We spoke to Sage Khor, the Presales Technical Manager at Trend Micro, to better understand password hygiene and its impact on personal and organisational data security.


SAGE KHOR

PRESALES TECHNICAL MANAGER,
TREND MICRO MALAYSIA

With more than 15 years in IT as a solution consultant and architect, Sage Khor has diverse experience in IT infrastructure, cloud and virtualization, and information and data security. He specialises in cloud and virtualization security and has in-depth knowledge of cyber security. He also has experience dealing with diverse customer environments across various industries such as FSI, oil and gas, telco, conglomerates, real estate & more.


Q: “Password hygiene” seems to be a new concept when it comes to keeping safe on the internet. What is it and how does it help in staying secure online?

Sage Khor: Password hygiene refers to best practices and habits individuals and organizations should adopt to maintain strong and secure passwords. Maintaining good password hygiene is essential to online safety. It encompasses aspects such as password creation, account variation, refraining from sharing passwords, and implementing multi-factor authentication (MFA).

Q: We’ve had guidelines and best practices that ask us to change our passwords every so often. It’s easy to enforce this at an organizational level, but how about when it comes to our personal passwords?

Sage Khor: There are several ways individuals can practice good password hygiene:

  • Create long passwords. It is recommended to create a password that is longer than 6 alphabets.
  • Create strong passwords by using a mix of uppercase and lowercase letters, numbers, and symbols, and avoid personal information (birthdays, addresses), and simple patterns.
  • Create unique passwords for each account.
  • Enable Multi-Factor Authentication (MFA) as it adds an extra layer of security by requiring a second verification step beyond an individual’s password.
  • Do not recycle passwords for multiple accounts.

Safeguarding data from cyber threats can also be done with the help of a security platform like Trend Micro’s ID Protection which helps secure personal information from identity theft, fraud, and unauthorized access.

Q: What is good “password hygiene”?

Sage Khor: The first line of protection against hackers is a strong and secure password as hackers will find it more difficult to decipher longer, more complicated passwords.

Weak passwords can be easily predicted. Avoid using the same or simple passwords like birthdays or dictionary words for multiple social media accounts or other internet accounts.

Enable two-factor authentication (2FA) on all internet accounts. Adding an extra layer of security to authentication makes it far safer than using just one factor.

Verify the privacy and security settings on internet accounts. Though they enable a degree of security for both users and the companies, the default settings that platforms set up are designed to enable the collection of pertinent market data from their users.

Another method of ensuring password hygiene is by utilizing a password manager to help you create, save, manage and use passwords across different online services. When you have to keep track of so many online accounts, a password manager is the best way to encrypt and store your passwords safely. However, it is also important to be vigilant when deciding on a password manager. The most reliable password managers will use industry-standard encryption methods and can keep your accounts safe from hacking. But good cyber hygiene practices will still come into play if you want to ensure your computer is free from malware and safe from hackers. One other aspect to consider is also taking steps to be aware of common social engineering tactics that can deceive users into divulging their master passwords.

Q: Is there a way for us to have password hygiene on an individual basis?

Sage Khor: Practising good password hygiene is vital to ensure that all accounts remain safe. Thus, it is important to be aware of the necessary steps you can take to create a strong and safe password. By introducing a higher level of complexity to your password, you can lower the chances of being hacked or having your accounts compromised.

When creating a strong password, refrain from using predictable letters or numbers in sequence (e.g. qwerty, abcde, 12345) but instead combine letters, numbers, and symbols to form a password of at least eight characters. Similarly, you should always avoid creating passwords that include any easily found personal information. Most importantly, stop reusing passwords on all your accounts or having similar passwords across different accounts. Creating complex and varied passwords is ultimately one of the more important steps when it comes to password hygiene.

Q: How about when it comes to organizations?

Sage Khor: Password hygiene is crucial for organizations to protect themselves from data breaches and unauthorized access. Similar to how you should apply the best password hygiene practices in your personal accounts, it is important for organizations to also ensure the right structure and policies are in place.

Put in place complex passwords. While this may seem like a given, it may come as a surprise that many today still enforce popular passwords that are hackable. In the same way you would create complex passwords for individual accounts, you will want to ensure the strength of passwords in your organization through the creation of long passphrases (at least 12 characters) instead of short passwords. Passphrases are easier to remember and more secure than single words. With proper IT policies in place, there should also be enforcement and systems that disallow the reuse of passwords.

Organizations should be using Multi-Factor Authentication (MFA) as it adds an extra layer of security by requiring a second factor, like a code from a phone app, to access accounts in addition to the password. Enforce two-factor or MFA for online banking/transactions and log-ins into key online portals/systems.

Practice the 3-2-1 backup rule. If a data breach occurs, it is critical to maintain at least three copies of company data in two different formats, with one air-gapped copy located off-site. 

Lastly, awareness training programmes should be established to help educate employees on password hygiene best practices and prevent cases.

Q: We’ve talked about password hygiene quite extensively. How does this factor into basic cybersecurity? Can we make things simpler to implement and keep up with?

Sage Khor: Password hygiene is a key component of every cybersecurity strategy that serves as a fundamental defence against unauthorized access, data breaches, and identity theft. Begin adopting a zero-trust mindset and framework by continuously verifying identities. Through this, organizations can enhance their cybersecurity posture by focusing on continuous verification of access and authentication, thereby reducing the risk of data breaches.

To make password hygiene easier to implement and maintain, organizations and individuals can adopt password management tools that streamline the process of creating, storing, and updating passwords. Additionally, providing education and training on password best practices can help raise awareness and encourage users to prioritize strong password hygiene.

Q: In the worst-case scenario, if an individual’s password is compromised, what can he/she do? How do we prevent data from being compromised?

Sage Khor: There are various steps that can and should be taken to address this. The most immediate step you should take is to change the password that has been compromised. You can create secure passwords using a password manager that allows users to generate unique and strong passwords for each account. Additionally, set up an MFA which requires additional verification methods beyond just passwords. Begin monitoring all account activities for suspicious behaviour or any breach of access.

Q: What about organizations?

Sage Khor: Going back to how password hygiene is crucial for organizations, it is important to note that unauthorized access to sensitive data can result in financial losses, reputational damage, and legal consequences. To prevent this, organizations should take the necessary steps to implement MFA and conduct regular software updates to protect organizations from known vulnerabilities that attackers might exploit. Organizations should be proactive in using the available tools such as password managers paired with the right training for employees to protect their data.

Implementing a zero trust security model will also be an essential step for the prevention of future cybersecurity breaches. By viewing every access request as a possible danger, this strategy will help enhance an organization’s cybersecurity posture and proactively meet regulatory and compliance requirements.

Q: How do multi-factor authentication (MFA) methods affect password hygiene? Can we rely more on MFA methods instead of changing passwords? How secure is MFA?

Sage Khor: Multi-factor authentication (MFA) methods enhance password hygiene by adding an extra layer of security, reducing the risk of cyber-attacks and unauthorized access. MFA requires users to provide multiple authentication factors, making it more challenging for cybercriminals to compromise accounts solely through passwords.

While MFA is not completely foolproof, it is considered one of the more reliable measures as it can be combined or implemented with single sign-on (SSO) and passwordless login options to reduce the efforts of users, while also increasing the efficiency and management of users and businesses.

Q: Google, Apple and Microsoft are talking about a future that relies less on passwords and more on things like biometrics or “passkeys”. What is Trend Micro’s take on this?

Sage Khor: Trend Micro emphasizes the importance of strong passwords, MFAs, and restricting access to only corporate networks. These recommendations align with the concept of biometrics and passkeys, which can provide stronger security measures compared to traditional passwords.

Unlike passwords, passkeys are not susceptible to phishing attacks or theft because the private key never leaves your device.

Passkeys offer enhanced security by providing digital keys that are highly resistant to phishing and brute force attacks, effortless logins through secure storage on a device for easy access with a tap or PIN, and seamless cross-device functionality for a hassle-free user experience.

Q: Will having alternatives like biometrics and “passkeys” make it harder to get compromised online? Does it bring a better level of cyber resilience to organizations?

Sage Khor: Having alternatives like biometrics and “passkeys” can indeed make it harder to get compromised online, enhancing cyber resilience for organizations. Biometrics, such as fingerprint scans and facial recognition, offer more secure authentication methods that are difficult to replicate, reducing the risk of unauthorized access. “Passkeys” meanwhile eliminate the need for traditional passwords, simplifying the login process and enhancing security by using alternative means of authentication.

Through this, organizations can significantly improve their cybersecurity posture, making it more challenging for cybercriminals to compromise accounts and systems. Biometrics and “passkeys” provide a higher level of security and resilience, helping organizations protect sensitive data and mitigate the risks associated with traditional password-based authentication methods.

    Cyberattackers are Using the Cloud too – Are Malaysian Enterprises Prepared?

    Cloud technology has been an integral component in paving the way for organizations across industries to undergo digital transformation. Globally, 50% of organizations are adopting a cloud-native approach to support both employees and customers, and the number of connected devices is expected to climb to 55.9 billion by 2025.

    In Malaysia, we’ve also seen swift progress in cloud adoption – with the most recent milestone being the upgrade of the Malaysian Government’s Public Sector Data Centre (PDSA) into a hybrid cloud service called MyGovCloud. The pace of cloud adoption is expected to accelerate following the government’s decision to provide conditional approval to Microsoft, Google, Amazon, and Telekom Malaysia to build and manage hyperscale data centres and cloud services in Malaysia.

    With cloud-based systems becoming a key component of organizations’ operations and infrastructures, malicious actors have been turning to the cloud, taking advantage of weaknesses in cloud security to perform various malicious activities — leading to new complexity regarding effective attack surface risk management. 

    Why Malaysian Businesses Need Better Risk Management

    The shift to the cloud and dramatic increase in connectivity gives malicious actors new and often unmanaged attack vectors to target.

    As revealed in Trend Micro’s semi-yearly Cyber Risk Index (CRI) report, 67% of organizations in Malaysia report they are likely to be breached in the next 12 months – indicating a dire need for local organizations to be better prepared in managing cyber risks.

    To better reduce the risk of cyberattacks, enterprises must first understand how cyberattackers are exploiting the cloud for their own benefit and bridge security gaps by proactively anticipating data breaches.

    One of the most common ways that organizations put themselves in a vulnerable position to be attacked is through misconfigurations of the cloud. While misconfigurations might seem straightforward and avoidable, they are the most significant risk to cloud environments – making up 65 to 70% of all security challenges in the cloud. This is especially true for organizations that have been pushed to migrate quickly to the cloud since remote work became the new norm.

    Malicious actors are also turning to low-effort but high-impact attack strategies to gain access to cloud applications and services. On top of exploiting new vulnerabilities in an enterprise’s network, cyberattackers will persistently exploit known vulnerabilities from past years, as many enterprises still lack full visibility into environments that are left unpatched.

    How Malaysian Businesses can Stay Prepared

    Since criminals can execute their attacks more effectively, they can also target a larger number of organizations, potentially leading to an increase in overall attacks. Organizations now have much less time to detect and respond to these incidents, and this will be compounded as the business model of cybercriminals matures further.

    With that in mind, enterprises must strengthen their security posture foundations to defend against evolving cyberthreats. Key cybersecurity strategies to adopt include:

    Automating everything

    We live in a world where skills shortages and commercial demands have combined to expose organizations to escalating levels of cyber risk. In the cloud, it leads to misconfigurations and the risk of knock-on data breaches, as well as unpatched assets which are exposed to the latest exploits. The bad news is that cybercriminals and nation states are getting better at scanning for systems which may be vulnerable in this way.

    Better digital attack surface management starts with the right tooling. Solutions such as Trend Micro Cloud One enable and automate platform-agnostic cloud security administration and cloud threat detection and response, which can help security teams improve the efficiency of threat investigation and response, as well as reduce the risk of a security breach.

    Empowering employees with resources and tools to ensure cloud operational excellence  

    Many enterprises are already well on their way in the world of cloud, with more and more security teams using cloud infrastructure services and developing cloud-native applications. However, this can often be a steep learning curve for cloud architects and developers – leaving gaps in protection, compliance, and visibility.

    To improve the situation, organizations need to provide resources to employees to ensure that the cloud service configurations adhere to industry best practices and compliance standards. One such way is to use tools that automatically scan cloud services against best practices, relieving teams from having to manually check for misconfigurations.

    Adopt a Shared Responsibility Model

    Clouds aren’t secure or insecure, they’re as secure as you make them. Instead of “who is more secure – AWS, Azure, or Google Cloud?” ask “what have I done to make all of my clouds as secure as I need them?”

    Security in the cloud works using the Shared Responsibility Model, which dictates who is responsible for any operational task in the cloud; security is simply a subset of those tasks. Security self-service for the cloud is fully here in all its forms, and understanding this model is critical to success in the cloud.

    While increased cloud adoption allows organizations to be more agile, scalable, and cost-efficient, the benefits of using cloud services and technologies are no longer just reaped by legitimate companies, but also cybercriminals who keep up with the trend. As criminals accelerate attacks and expand their capabilities, businesses must adopt a solid cybersecurity strategy to stay a step ahead.

    Vigilance is Crucial for Businesses in Dealing with Modern Malware

    In just the first four months of 2021, Trend Micro’s Research team detected 113,010 ransomware threats in Malaysia. Since the first detected case of ransomware infection globally in 2005[1], ransomware has evolved, resulting in the emergence of what is often termed modern ransomware, which is even more targeted and malicious in nature.

    The recent attack on enterprise technology firm Kaseya[2], where hackers demanded US$70 million (RM290.92 million) worth of bitcoin in return for stolen data, is a stark reminder of the sweeping damage and disruption that modern ransomware is capable of. 

    Traditionally, ransomware attacks were conducted through a “click-on-the-link” lure that leads to compromised websites, or through spam emails. This was typically aimed at a random list of victims to collect a moderate pay-out.

    Today, threat actors have evolved their strategies to inflict greater damage on a company’s reputation and potentially collect larger pay-outs from high-profile victims. This is what is becoming known as a “double-extortion” strategy in modern ransomware attacks. According to Trend Micro’s research[3], criminals take these steps to personalize the attacks:

    1. Organize alternative access to a victim’s network such as through a supply chain attack;
    2. Determine the most valuable assets and processes that could potentially yield the highest possible ransom amount for each victim;
    3. Take control of valuable assets, recovery procedures, and backups;
    4. Steal and threaten to expose confidential data.

    In Malaysia, Trend Micro found that the industries most targeted by ransomware are government, healthcare, and manufacturing[4]. As these sectors continue to play a role in driving economic growth in the country, it is clear that a multi-layered cybersecurity defence system is necessary. These enterprises will need to create such a defence to defend their networks and protect their business-critical data to keep up with the ever-evolving ransomware landscape.

    To keep up with the ever-evolving ransomware landscape, the three most important must-dos for Malaysian organizations are:

    • Maintain IT hygiene factors: Security teams should ensure that proactive countermeasures, such as monitoring features, backups, and training in security skills, are in place to enable early detection. Alongside that, everyone in an organization should also have the latest security updates and patches installed.
    • Work with the right security partners: Start by clearly defining the needs and priorities around enterprise security in an organization. Then, collaborate with a security vendor that aligns with these priorities to create a solid security response playbook to be used on an ongoing basis.
    • Have visibility over all security layers: In order for security teams to be able to detect suspicious activity early-on and to respond to cyber attacks quicker, organizations should utilize tools such as Trend Micro Vision One, which collects and automatically correlates data across email, endpoints, servers, cloud workloads, and networks. By putting the right technologies in place, enterprises can also help reduce the alert fatigue commonly faced by security operations centers (SOCs), with 54% reporting that they are overwhelmed by alerts[5].

    In today’s world of constant attacks, cybersecurity should be a top priority for everyone across the entire organization; and not just be the sole responsibility of the security team. While an organization can eventually recover its data or financial resources post-attack, the loss of trust among customers and partners will be a difficult challenge to remedy. All stakeholders must collaborate, invest in proper resources, and take proactive steps to transform workplace culture and best practices in order to stop pernicious ransomware threats at the door. 


    [1] Trend Micro, Ransomware, https://www.trendmicro.com/vinfo/us/security/definition/ransomware

    [2] Trend Micro, IT Management Platform Kaseya Hit With Sodinokibi/REvil Ransomware Attack, 4 July 2021. https://www.trendmicro.com/en_my/research/21/g/it-management-platform-kaseya-hit-with-sodinokibi-revil-ransomwa.html

    [3] Trend Micro, Modern Ransomware’s Double Extortion Tactics, 8 June 2021. https://www.trendmicro.com/vinfo/gb/security/news/cybercrime-and-digital-threats/modern-ransomwares-double-extortion-tactics-and-how-to-protect-enterprises-against-them

    [4] Trend Micro, Trend Micro 2020 Annual Cybersecurity Report, 23 February 2021. https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/a-constant-state-of-flux-trend-micro-2020-annual-cybersecurity-report

    [5] Trend Micro, 70% Of SOC Teams Emotionally Overwhelmed By Security Alert Volume, 25 May 2021, https://newsroom.trendmicro.com/2021-05-25-70-Of-SOC-Teams-Emotionally-Overwhelmed-By-Security-Alert-Volume