Newsgate360 – Riyadh: The latest assessment of cyber infections that targeted users in Saudi Arabia has shown a clear tendency, with a decrease in malicious activity on weekends. While during an average Friday, the malicious activity blocked by Kaspersky security solutions prevented malware attacks on nearly 94 thousand users on average, the figure for the weekdays was around 134 thousand. According to Kaspersky researches, this tendency is not a coincidence:
“Attackers’ best chance to succeed in achieving their malignant acts, is most often targeting persons behind keyboard, as the vast majority of threats simply circulate around the internet by email, aiming for users to open an malicious attachment or click on a snare web-link (visiting a phishing website, for instance). Given all this, it is obvious, that the more users are using laptops, mobile devices and PCs, the more chances they have to download malware – says Maher Yamout, a security researcher at Kaspersky. In addition, very often, criminals just scan random IP addresses, probe the ones that can be found online and attempt to infect them. Good news is, corporate networks most often are equipped with security solutions to prevent the infection launch. This is why we would like to appeal to those who now have to use personal devices while working at home during home-isolation: please take basic precautionary measures. Some easy steps might save you and your device a lot of troubles”.
Kaspersky statistic of attacks on users clearly depicts the tendency, where malware attacks in Saudi Arabia see a sharp decrease on weekends
Kaspersky researchers have also shared their advice on the basic security hygene that users working from home should take:
- Apply the latest updates to your operating systems and applications as soon as they become available.
One of the main attack vectors in 2019’s ransomware municipal attacks was compromising a device through a security weakness. The most widespread cyber epidemic (Wannacry ransomware) to date was the result of an unpatched weakness that Wannacry exploited, though the patch was released even before the malware outbreak. And yet Kaspersky statistics shows that nowadays, three years later, there still are oudated devices open for such exploitation. In 2019, Wannacry accounted for a quarter of cases that involved users infected with ransomware.
- Only use authorized VPN software to connect to your corporate network, and use known-legit VPN software if you are working remotely using public WiFi.
When you’re connected to the Internet through a VPN connection, this private Internet access ensures that you’re not exposing your private information. A VPN connection establishes a safe passageway through all the insecurities of public networks. If you need to connect to your corporate network, ensure you are using your corporate VPN in tunnel-all-traffic mode to avoid data leaks.
- Always type-in web addresses yourself. Don’t click on links or attachments, or respond to unsolicited messages.
Scammers might employ various tactics to comprise users. Some include manipulating words for visual deception, such as replacing the capital ‘i” with a lower case L that are almost identical visually (try to tell ‘l’ from ‘I’”). In addition, Modern spam and phishing can be very convincing, inviting you to click on a hyperlink with an address of an authentic website. However, what you see is only a hyperlink. Malefactors might want you to land on a phishing website, and so they have to direct you there with a link or a button. But if you hover your cursor over that link, the URL’s destination address will appear (in the bottom left corner of your browser or e-mail app, for example).
- Backup your data regularly to an external drive that you keep offline to avoid losing your private information.
Backup should be performed regularly and also before any important operations, be it hardware upgrades, installation of patches, data migration or new program installation. No matter how technology develops, a good old backup will never lose its value, keeping us resillient in a difficult situation should an incident occur. We urge you to use automatic backup solutions that will allow you to restore relatively up-to-date data and avoid losing vital work related documents.
- Only use apps from trusted sources, e.g. Google Play, the App Store, or the trusted portal you’re using or those provided by your workplace/educational institution. However, do not loose vigilance.
Remember that even a trustworthy source, such as an official app store, can contain dangerous apps. Be vigilant and always check application permissions to see everything that installed apps are allowed to do. Check the app ratings and reviews on official stores, such as Google Play or the iOS App Store. Malicious apps will sometimes receive low ratings and users will post comments that warn others about the risk of malware If you are about to install such an app – pay extra attention to its permission requests. Always avoid uncommon app stores or unthorized portals to download common apps.
- Protect all devices with a reputable Internet security product, including mobile devices.
Look for a comprehensive security solution that includes antivirus, anti-ransomware tool, mobile security, password management, VPN, privacy tools, data leak detection, Home Wi-Fi security & payment protection. This will enable you to monitor working processes and detect malicious behaviors. Kaspersky offers such package as part of Kaspersky Total Security solution.