Page 21 - AeM_May_2017
P. 21
BEST PRACTICES & STRATEGIES
Attitude: It won't happen to me hanging fruit' are an entry point for cybercriminals. Ac-
cording to Forrester, 80% of all attacks involve a weak
Forget technology for a second, culture is arguably the or stolen password .
biggest issue with security right now, and this has been
the case for 20 years. CEOs think they won't be target- Some web providers now force you to generate random
ed and citizens think much the same (i.e. it won't hap- passwords, or create complex ones. Regardless of
pen to me ). whether you face such password policies, you may
want to consider a password manager, as well as pass-
This complacency is misguided, as everyone is a poten- phrases.
tial target . Accordingly, this attitude can often result in
poor security habits, with individuals and organizations Software updates: A lack of
treating, for example, password and Wi-Fi security not
as seriously as they should. Whether on desktop, laptop or mobile, there's always
another software update for our apps, operating sys-
This is despite the fact that good cybersecurity can be tems or security solutions. Interestingly, the constant
achieved relatively easily, through good password hy- pop-ups irritate us, with many people failing to under-
giene, regular software updates, anti-virus and even stand just how important they are.
password managers, VPNs and secure encrypted mes-
saging apps. If we fail to update, we're effectively leaving our soft-
ware and devices vulnerable to attack, as cybercrimi-
Passwords: The easy way in nals look to exploit out-of-date flaws. This was the case
with the recent WannaCryptor ransomware worm that
Generic, guessable passwords can be easily cracked, so publicly compromised Britain's National Health Ser-
and they can open a can of worms if you use the same vice (NHS) and Spain's telco Telefonica, and spread to
password across several accounts. Brute-forcing pass- countries throughout Asia, to the United Arab Emirates
words is increasingly fast and easy for criminals today and to at least a dozen more countries in Europe. Had
equipped with either huge computing power, or access the affected organizations properly configured automat-
to buy such expertise on the dark web. ic operating system updates for all their PCs, they may
not have been featured on WannaCryptor's victim list. ◊
Weak passwords, such as 123456, remain common-
place, with many people failing to see how these 'low- By ESET
MediaBUZZ Pte Ltd - Independant ePublisher for Asia