5 cybersecurity trends to note (plus tips to stay safe online)

At the rapidly evolving frontier of cybersecurity, it pays to have an understanding of the emerging threats and the protective actions that can be taken to mitigate them.

When Singapore rolled out its Digital Government Blueprint in June 2018, building reliable, secure and resilient systems was earmarked as a key priority. Aware of the risks from digitalising government systems—especially with the push for cloud-centric services—the Cybersecurity Agency of Singapore and the Government Technology Agency of Singapore (GovTech) have been keeping a close eye on the global cyber threat landscape and are working with government agencies to bolster defences and prevent security breaches.

TechNews spoke to Mr Shane Woo, an associate cybersecurity analyst at GovTech, to learn about some key trends in cybersecurity, as well as highlight how individuals and organisations can stay safe online.

1. Cryptojacking

If 2017 was the year of ransomware—malicious software that ‘locks up’ victims’ computer files until a ransom is paid, then cryptojacking was the cyberthreat flavour of the year in 2018, said Mr Woo.

The rise of cryptocurrencies such as Bitcoin has seen cybercriminals surreptitiously installing what is known as cryptocurrency mining bots on vulnerable computers. These bots basically tap on the combined processing power of infected computers to generate revenue for the hacker. According to cybersecurity firm Kaspersky, cybercriminals can earn as much as US$30,000 a month using a single cryptocurrency mining botnet.

How do you know if you may be a victim? Your device may be slowing down, heating up or its battery may be draining faster than usual. To remedy a cryptojacking situation, try purging your browser extensions, performing a scan of your device with updated antivirus software and using web filtering tools to block suspicious pages.

2. Social engineering

Even as new cyberattack strategies emerge, others like social engineering persist. A typical social engineering attack goes like this: you receive an email that appears to be from a legitimate source, perhaps from a company or an organisation that you’ve interacted with before.

You click on the link, and you’re redirected to a website requesting for personal information. Only after you’ve keyed in the information do you realise that the website is not secure (not HTTPS) or has its URL misspelt—you’ve just fallen for a phishing attack and surrendered confidential information into the hands of an unknown entity.

“Social engineering (which includes phishing) has been a consistent trend in the last few years and remains one of the top threats in many different countries,” said Mr Woo, adding that “email is, by large, the most popular delivery vector globally.”

Individuals are therefore advised to read messages or emails carefully before clicking on any links or downloads. Additionally, personal information should never be divulged without first verifying the identity of the requester.

3. Vulnerabilities in the cloud

As individuals and organisations move towards data storage and processing on the cloud, Mr Woo highlighted that the convenience of the cloud comes with risks.

For example, cloud computing makes it inexpensive and simple for a company’s personnel to provide additional services or software from the cloud service provider without the approval of the company’s IT department. This could inadvertently introduce vulnerabilities to the company’s IT systems. Mr Woo also noted that incorrectly configured access controls are a major cause of cloud breaches globally.

Another risk associated with the cloud is the fact that the hardware and the infrastructure is under the control of the cloud provider. “Although currently the service providers are doing quite well in enforcing security and this does not seem to have resulted in any problems, compromise of the cloud provider or of shared hardware could result in a breach,” Mr Woo said.

Therefore, organisations migrating their processes to the cloud will need to re-evaluate their cybersecurity landscape and put in place systems to constantly monitor and log information about its cloud-based applications, services, data and users.

4. Dirty flash drives

Data transfers within organisations still often occur via portable storage media such as USB flash drives. These devices represent a weak link in the cybersecurity chain, said Mr Woo.

“There isn’t anything inherent about the USB itself that prevents malware from being stored on it. So if you’re using a thumb drive and you plug it into a machine connected to the internet, suspicious files can be transferred onto it [and spread to another machine later],” Mr Woo explained.

He shared that within the Singapore government, detected and blocked malware were mostly from external hard disk drives or flash drives. Aside from an outright ban on the use of portable storage media, organisations can consider issuing personnel with authorised storage devices, setting up secure channels for file transfers, and educating individuals on file-sharing hygiene.

5. Poor password practices

Finally, Mr Woo highlighted that “a very common thing that hackers like to do is to take credentials exposed during previous data breaches and try to reuse them.” This is known as credential stuffing and is particularly dangerous when individuals use the same username and password combinations for private and official accounts.

Protecting yourself from credential stuffing is simple—just use a unique password for each new account created. While it can be tedious to remember multiple pairs of usernames and passwords, this problem is easily solved with reputable password manager software.

Mr Woo also emphasised the importance of changing passwords periodically. Quoting tech geek Chris Pirillo, he said, “Passwords are like underwear: you don’t let people see it, you should change it very often, and you shouldn’t share it with strangers.”