Showing posts with label Symantec. Show all posts

24 December 2018

2018 will be remembered for GDPR impact

In 2018, all of us got used to giving privacy permissions on our apps, subscriptions and websites, thanks to the General Data Protection Regulation (GDPR). Although the GDPR affects residents of the European Union (EU), penalties still apply for companies doing business outside of the EU, so long as EU residents are involved. This has made GDPR a global concern, rather than just a European concern.

Several vendors have highlighted the impact that GDPR has had:

Source: Sage. Arlene Wherrett.
Arlene Wherrett, VP and MD, Sage Asia said, “The GDPR perhaps had the biggest impact on businesses this year. With the new GDPR requirements on data privacy, businesses can no longer leave the security and privacy of their customers’ data on the back-burner. GDPR is also timely in providing an opportunity for businesses to audit their own data management and operational processes. This provides them with a chance to weed out system inefficiencies allowing them to put in place a foundation for greater success in the new data-driven business landscape.”

“The value of consumer consent will also continue to be a key focus area in 2019. We will see an increasing emphasis on regulations to protect consumer data, ensuring businesses are extracting and using information transparently and securely. Businesses and industries will need to keep up with data security measures, while still enabling meaningful consumer experiences,” said Experian Asia Pacific's CEO Ben Elliott.

Privacy by design
Source: Micro Focus. Stephen McNulty.

“2018 revealed the importance of consumer privacy and data protection, with the implementation of regulations such as the GDPR bringing 'privacy by design' to the fore. As numerous data breach incidents have shown, organisations must have a complete overview of the data collection processes – what is being collected, how it is being utilised, stored and encrypted – or risk bearing the brunt of losing stakeholders’ trust,” noted Stephen McNulty, President, Asia Pacific and Japan, Micro Focus.

“Consistent data security should be centrally managed, so developers will not have to worry about policy and can get on with advancing the business with innovation and insight. 2019 will be the year where businesses will shift towards data-level security solutions such as analytics and machine learning – coupled with a unified, uncompromising approach towards implementing such solutions as part of the core business and consumer engagement strategy,” he said.

Source: Cloudera. Mark Micallef.
McNulty explained that developers today typically do not have time to think about risks, “hence data-security and privacy controls should be built and embedded into their systems by default, rather than added as an afterthought”.

Figuring out privacy in the cloud

The cloud brings complexity in complying with regulations like GDPR, added Mark Micallef, VP, Asia Pacific and Japan, Cloudera.

“Despite its benefits, cloud presents two major challenges to organisations: it increases the possibility of data leaks, and makes it difficult to determine the applicable privacy law as it is not always clear where data in the cloud is physically stored.

Source: Symantec. Steve Trilling.
"With the EU General Data Protection Regulation being enforced in May this year, it is now important for organisations to ensure that the cloud services they use are compliant and that the systems and applications they design do not expose risk,” Micallef said.

“Although the GDPR isn’t a global regulation, it also affects organisations located outside of Europe as long as they collect and store personal data of European citizens. Already, Cloudera customers and organisations that would not be subject to GDPR are taking it as their starting point for their own personal data privacy and protection guidelines. This is in addition to their efforts to comply with their country-specific privacy regulations such as Singapore’s Personal Data Protection Act and Australia’s Privacy Act 1998," Micallef observed.

“Expanding GDPR to become a global regulation is certainly a potential further evolution. For it to become a truly global regulation though, it will first need to prove its worth in its current form; once that has progressed well and has proven workable, the chances of it influencing international practice will be much higher.”

Source: Symantec. Hugh Thompson.
More privacy-related regulations to come

“The European Union’s mid-2018 implementation of the GDPR will likely prove to be just a precursor to various security and privacy initiatives in countries outside the European Union... Australia and Singapore have enacted a 72-hour breach notice inspired by the GDPR, and India is considering GDPR-inspired legislation. Multiple other countries across the globe have adequacy or are negotiating GDPR adequacy,” said Hugh Thompson, Symantec's CTO and Steve Trilling, Senior VP and GM, Security Analytics and Research at Symantec.

“While we are almost certain to see upticks in legislative and regulatory actions to address security and privacy needs, there is a potential for some requirements to prove more counterproductive than helpful. For example, overly broad regulations might prohibit security companies from sharing even generic information in their efforts to identify and counter attacks. If poorly conceived, security and privacy regulations could create new vulnerabilities even as they close others.”

Source: Experian. Ben Elliott.
“2018 was all about GDPR and the ramifications this change in European data regulations would have on how organisations conducted business globally. In 2019, privacy will continue to be an area of focus for the global market, as new regulations such as e-privacy start to be fleshed out and additional regions such as the US look to implement their own data privacy laws, all of which could have global financial impact," predicted Laurence Pitt, Global Security Strategy Director, Juniper Networks and Mounir Hahad, Head of Juniper Threat Labs, Juniper Networks.
 
"2019 will also be the year that many large non-European players will come to grips with the ramifications of GDPR as it is put into practice.”

Source: Juniper Networks. Laurence Pitt.
Wherrett said that other legislative changes have affected businesses in 2018, adding to the responsibilities of CFOs and accounting departments.

“For example, new taxation laws like the Sales and Services Tax (SST) in Malaysia and the new Goods and Services Tax (GST) in India can pose significant challenges for businesses operating in these markets.

"For CFOs and accounting practice partners, this means reviewing financial projections as well as implementing new practices to incorporate the regulatory changes. Moreover, many finance professionals will also need to manage these regulatory changes while going through a role transformation as their organisations continue to adapt to digitalisation," she said.

15 May 2017

Global ransomware attacks include Asia

  • WannaCrypt, also known as WannaCry and WCry, encrypts data files and asks users to pay a US$300 ransom in Bitcoin. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days, the encrypted files will be deleted.
  • WannaCrypt has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows.

Microsoft discovered the WannaCrypt (also called WannaCry or WCry) ransomware attack fairly early on May 12, 2017 (US time), according to a blog post. As of the time of writing, the ransomware, a new variant of the Ransom.CryptXXX family, has been detected in over 100 countries including Singapore, Indonesia and India.

"We detected a new ransomware that spreads like a worm by leveraging vulnerabilities that have been previously fixed. While security updates are automatically applied in most computers, some users and enterprises may delay deployment of patches. Unfortunately, the malware, known as WannaCrypt, appears to have affected computers that have not applied the patch for these vulnerabilities. While the attack is unfolding, we remind users to install MS17-010 if they have not already done so," the blog post states.

The company has also taken the unprecedented step of issuing a patch for unsupported versions of Windows, as detailed in another blog post.

"Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today," stated the post.

"Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download."

Security firm Acronis has noted that many organisations are waking up to the fact that ransomware isn’t something that just happens to “other people”.

The threat, as demonstrated by this weekend’s attacks, proves that businesses worldwide need to be protected against ransomware, the company said.

Acronis' VP of Engineering, Nikolay Grebennikov said, “People, and businesses hear ‘ransomware’ and think such an attack can’t happen to them. The fact is that it can...47% of businesses were under ransomware attacks last year and that’s growing."

Grebennikov noted that the real question businesses, hospitals and telcos should be asking is how they can protect themselves from a ransomware attack that is seemingly inevitable. "The answer – a reliable backup solution that includes active protection against ransomware attacks."

He also said that shutting down computers is a short-term solution that will not help. "Only an integrated solution, combining backup (passive) and proactive security (active) technologies, working together in one product, provides data recovery in any situation. With such sophisticated ransomware, you can’t have limitations on size of the files, number of files."

Source: Symantec blog post. The Wcry display screen.

Symantec has reassured customers that Symantec and Norton customers are protected from the WannaCrypt malware. "Customers should run LiveUpdate and verify that they have the following definition versions or later installed in order to ensure they have the most up-to-date protection - 20170512.009", the company shared in a blog post.

Nick Savvides, Security Advocate, Symantec Asia Pacific and Japan, has the following advice for users:

Once the encryption process starts, there is little the user can do, as it happens very quickly

"It is unlikely that the user will notice the ransomware is encrypting until it’s too late. If the user realises in the seconds after running the malware, they may attempt to power off the machine, then use an external boot disk to boot the machine and run a cleaner tool like Norton Power Eraser. This may prevent the ransomware from encrypting all the files," Savvides said.  

Any computer that has been infected should not be trusted

Security tools like Norton Power Eraser, or Norton Internet Security may be able to remove the infection but the files will still be encrypted. "It is always best to restore the computer either from a backup, or reset to factory using a recovery disk and then immediately update and apply all patches," Savvides advised.

"These are important steps, as we have seen ransomware that not just ransoms the users’ files, but also installs banking Trojans to clean out the users’ bank accounts, typically capturing the users’ banking details when they log into their bank to pay the ransom. If the backups were not encrypted by the ransomware, it is unlikely that the files were infected."

Symantec recommends affected users not pay any ransom

"Paying criminals is never recommended, as it feeds them and rewards them for their crimes. There is also no guarantee that your files will be released back to you," Savvides said.

Other best practices for protecting against ransomware include: 
  • Always keeping security software up to date
  • Keeping the operating system and other software updated. Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
  • Be wary of unexpected emails especially if they contain links and/or attachments.
  • Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.
  • Backing up important data is the single most effective way of combating ransomware infection. Organisations have to ensure that backups are appropriately protected or stored off-line so that attackers cannot delete them.
  • Using cloud services could help mitigate ransomware infection, since many retain previous versions of files, allowing subscribers to “roll back” their operations to the unencrypted form of their files.

In 2016, Singapore ranked 8th regionally for ransomware, the same position as in 2015. It is the 24th-most targeted country globally for ransomware in 2016, up from 42nd in 2015, accounting for 0.5% of ransomware infections on unique machines. According to the Symantec Internet Security Threat Report, Volume 22:
  • The average ransom per victim grew to US$1,077 in 2016, up from US$294 in 2015, a 266% increase.
  • Ransomware attacks grew to 463,841 in 2016, up from 340,665 attacks in 2015 (a 36% increase).
  • One in 131 emails contained a malicious link or attachment in 2016, the highest rate in five years.
  • There was a twofold increase in attempted attacks against IoT devices over the course of 2016 and, at times of peak activity, the average device was attacked once every two minutes.

Interested?

Download the patch for Windows XP, Windows 8, and Windows Server 2003

Read the Microsoft blog post about how the ransomware spread

Read the MalwareTech blog post on how registering a command and control domain name stopped the ransomware in its tracks

Editor's note: While this was a very happy accident, there is no guarantee that future ransomware attacks can be stopped the same way.

Read the TechTrade Asia blog post about Kaspersky Lab naming ransomware its security story of the year for 2016

28 October 2016

Norton by Symantec launches new version of Norton Security

Source: Symantec. Norton Security Premium box shot.
Norton by Symantec has launched its new Norton Security software in Singapore, boosting its protection and performance levels for consumers. Norton Security provides security protection in one subscription service across multiple platforms, including Windows, Mac, Android and iOS.

According to Symantec’s latest Internet Security Threat Report, Symantec discovered more than 430 million new unique malware in 2015, up 36% from the year before. In August 2016 alone, there were 45 million new malware variants, the highest level seen since August 2015. Furthermore, the Norton Cybersecurity Insights Report revealed that 1,008,000 people in Singapore fell victim to online crime in 2015.

“Norton by Symantec engineers are on the front lines of cybersecurity, building technologies that are constantly analysing new threats and devising new ways to protect consumers and their devices,” said Nick Savvides, Security Advocate, Norton. “With the growing frequency of cyberattacks on all platforms, consumers need the comprehensive multiplatform protection offered by Norton Security.”

Norton Security uses multilayered technology to help protect devices, privacy and personal files such as music and financial information from emerging threats, including ransomware, malicious websites, zero days and phishing attacks.

New features in Norton Security include:

Proactive exploit prevention
Zero-day vulnerabilities, which were up 125% in 2015, are gaps in software, unknown to the software vendor, that can allow hackers through. Norton Security’s Proactive Exploit Prevention technology recognises a range of malicious behaviours that are trademarks of zero-day attacks. One of the benefits of this approach is that users are then protected against a wide variety of exploit attacks before a software patch becomes available – a process that can take weeks or months.

Emulation technology
Cybercriminals can hide malicious code in innocuous-looking files. Such practices can evade traditional antivirus techniques, and Symantec says 83% of all malware currently employs antivirus evasion of one form or another. Norton Security’s newly-developed emulation technology unpacks and runs files in a virtual machine - a process called sandboxing - for examination to unearth malware before it can compromise the user’s machine.

Predictive machine learning engine
Antivirus solutions traditionally rely on signatures of known malware to protect consumers. Criminals have since invented ways to evade the signatures. The Predictive Machine Learning Engine anticipates new and evolving malware variants and helps accurately detect and block both new and unknown malware.

Faster Mac protection
Mac users will see faster scans and lower overall memory utilisation on their devices.

My Norton
This web portal allows customers to access Norton subscription features, manage their account and devices and learn about new threats from any device. It offers more engagement with customers with smarter alerts and messaging.

Mobile protection
Norton Mobile Security, available with a Norton Security subscription and through the Google Play and Apple App stores, offers:

· Anti-theft and contacts backup to help users recover lost or stolen devices and restore lost information.

· App Advisor for Google Play automatically scans apps on Google Play before they are downloaded and provides proactive and relevant information to users on security, privacy, intrusive behaviours and unusually high battery or data consumption.

· Enhanced Android protection: There were more than three times as many Android apps classified as containing malware in 2015 than in 2014, an increase of 230%. Norton Security uses anti-malware protection, call and SMS blocking to protect Android devices.

Symantec also said that Norton WiFi Privacy, a separate mobile app launched in July, is beginning to see traction in the Asia Pacific region, especially in Japan. The by-subscription virtual private network (VPN) service for mobile use is targeted at mobile users who take advantage of free and usually unsecured Wi-Fi networks. Free Wi-Fi is common, and within the region especially so in Singapore, Australia and New Zealand, Savvides said.

A VPN prevents criminals from seeing what users of unsecured Wi-Fi networks are doing on their mobile phones. Criminals can steal passwords and pictures, leverage the information to send the user to fake sites for phishing, or invite the user to download related materials which actually contain malware.

Savvides agreed that there are other VPN services available, including free ones, but pointed out that no pricing typically means fewer resources are used to support performance, reliability and availability.

"Growth is in line with our ambitions to date. We want to see the business grow, and we want to see it translate to our mobile subscribers," he said of Norton WiFi Privacy, pointing out that few mobile users adopt VPNs today or mobile security for that matter. "We are in the awareness phase."

In the light of the recent attack on Dyn, which shut down major sites such as Spotify and Reddit and had been traced to unsecured Internet of Things (IoT) devices, Savvides shared that Symantec's IoT consultancy service is very popular. He explained that product designers and sales people at IoT device manufacturing companies are not trained in security and cannot conceive that there could be cyberthreats resulting from the way their products have been designed. The company provides manufacturing guidelines for customers and also teaches them how to write security protocols, he said.

"Everyone is confident that their products are secure until they aren't," he said. "The IoT people designing the things don't understand that it could be a problem."

Owners also have a part to play in securing the IoT. "How often do you update your CCTV cameras? Your TV?" he asked.

Interested?

Pricing for Norton Security starts at S$59. Norton Security is available for purchase online, in retail stores and through value-added resellers as well as at sg.norton.com.

26 November 2015

Singapore's attitudes to cybercrime (and security) differ by generation

Just this week, I encountered WhatsApp spam shortly after a friend shared a link for a McDonald's discount coupon from Sniflr. Googling unveiled that Sniflr phishes, and also invites victims to share the discount with 10 friends via WhatsApp, effectively adding 11 numbers to a WhatsApp spamming list.

Yesterday, it was a promoted tweet on my Twitter timeline, offering a whopping S$100 off for a purchase of S$120 at popular Singapore supermarket chain NTUC. Googling produced a newspaper warning dated some months ago that the discount coupons for NTUC being circulated on Facebook were fake, and NTUC's own Twitter account has confirmed it.


If it sounds too good to be true, it probably is, says Norton by Symantec, which recently released its findings from the Norton Cybersecurity Insights Report.

The report sheds light on what people think about cybercrime today. It found that globally, 62% of consumers believed it is more likely their credit card information will be stolen online compared to only 38% who think it is more likely they will lose credit card information from their wallets. Additionally, 47% reported they have been affected by cybercrime.



In Singapore:
  • Approximately seven in 10 (69%) Singaporeans believe using public Wi-Fi is riskier than using a public restroom
  • Seven in 10 consumers think that storing their credit card and banking information in the cloud is riskier than not wearing a seatbelt
  • More than seven in 10 (71%) consumers believe getting their credit information stolen after shopping online is more likely than having their credit card stolen out of their wallet



“Consumer confidence was rocked in 2014 by an unprecedented number of mega breaches that exposed the identities of millions of people who were simply making routine purchases from well-known retailers,” said Gavin Lowth, Vice President, Norton Consumer and Small Business, Asia Pacific and Japan. “Our findings demonstrate the headlines rattled people’s trust in online activity, but the threat of cybercrime hasn’t led to widespread adoption of simple protection measures people should take to safeguard their information online.”

Lowth said there were clear generational differences in attitudes. Baby Boomers – a group often considered less tech savvy – report more secure online habits than Millennials. Millennials, born in the digital era, often throw caution to the wind with 33% admitting to sharing passwords and other risky online behaviour.



Singapore consumers lost an average of 20 hours over the past year dealing with the fallout of online crime and nearly S$545 per person – totalling roughly S$5.49 billion. On top of this loss, cybercrime took an emotional toll with six in 10 (61%) of consumer cybercrime victims in Singapore feeling frustrated after becoming a victim. Further, in Singapore:
  • More than eight in 10 (82%) of respondents said they would feel devastated if their personal financial information was compromised
  • Nearly three-quarters (74%) of respondents believe dealing with the consequences of a stolen identity is more stressful than preparing for a presentation at work (52%)
  • Nearly seven out of 10 (68%) respondents are more stressed when they realise that they have downloaded a virus than sitting next to a screaming baby on a plane (51%)

Despite concern and awareness of cybercrime, consumers are overconfident in their online security behaviours. When asked to grade their security practices, they consistently award themselves “A”. But in reality, most are not passing the most basic requirement of online security: password use. In Singapore:
  • Of those using passwords, only three in 10 (29%) respondents always use a secure password – a combination of at least eight letters, numbers and symbols. Worryingly, nearly one in four do not have a password on any device.
  • People are sharing passwords to online sensitive accounts with friends and family. Of those sharing passwords, almost one in four (23%) share the password to their banking account, and on average they are sharing passwords for two accounts, with the most common passwords shared being email (59%), social media (44%) and TV/media (16%).
  • Even though 80% believe it is riskier to share their email password with a friend than lend them their car (20%), half of those sharing passwords do just that.

Norton's tips for online safety include:
  • Choose a unique, smart, secure password for each account you have online.
  • Delete emails from senders you don’t know (or senders you know but who don't normally email), and don’t click on attachments or links on suspicious-looking emails.
  • On social media sites, an offer that sounds too good to be true might be just that. Beware of the pitfalls of clicking on links from social media sites. Before clicking, hover the mouse over the link to see its destination. Only click on links that lead to reputable, official company pages.
  • Always monitor your financial accounts for unusual activity. If there is a charge that you didn’t make, report it immediately. Often cybercriminals will charge a small “test” amount before attempting to drain your bank account.
  • Don’t put off installing security software such as Norton Security and updating it regularly.
  • Use a secure backup solution to protect files and back up regularly so criminals can’t hold them for ransom. Paying a ransom is no guarantee that you will get the data back, though the argument goes that it is in the interest of the criminal to return the data in order to encourage future payments.
  • Report cybercrime to the local police or national cyber crime organisation if you have been affected by cybercrime or identity theft.

Interested?

Read the report

*The Norton Cybersecurity Insights Report is an online survey of 17,125 device users ages 18+ across 17 markets, commissioned by Norton by Symantec and produced by research firm Edelman Berland. The margin of error for the total sample is +/-0.75%. The Singapore sample reflects input from 1,009 Singapore device users ages 18+. The margin of error is +/- 3.09% for the total Singapore sample. Data was collected August 25 to September 18, 2015 by Edelman Berland.

22 September 2015

Norton Security protects computers, smartphones and tablets

Source: Norton website.

Symantec has made its flagship subscription service, Norton Security, available in Singapore. Norton Security is a multi-layered protection solution that helps shield consumers from cyber threats across different devices. According to Symantec’s Internet Security Threat Report, there were nearly one million new threats released into the wild each day while crypto-ransomware threats increased by more than 4,000% in 2014.

"We live in a world where cybercriminals are working overtime trying to find new ways to steal personal information. At Norton, we want to give people confidence, whether they're sharing photos online or shopping from a smartphone, that Norton Security is working behind the scenes to keep their information and their devices protected," said Gavin Lowth, VP, Norton Consumer and Small Business, Asia Pacific and Japan, Symantec.

Source: Symantec.
Norton Security is a single service that protects PCs and Macs, as well as Android smartphones and tablets, iPhones and iPads. It is also Windows 10 compatible. There are three tiers of service:
  • Norton Security Standard for a single PC or Mac
  • Norton Security Deluxe, for multiple devices and platforms, and
  • Norton Security Premium, for multiple devices and platforms, plus additional family features and backup.

Shared feature highlights include:

Protection and performance: In three third-party tests, Norton Security is not only the fastest security product [1], but also scored 100% in 'time-to-protect' [2] by blocking all malware attacks on day one, and scored 100% in 'vulnerability protection' [3].

Beyond antivirus: Norton Security builds on patented innovations like Insight, SONAR and threat monitoring with aggressive threat detection techniques that enable it to identify even the most resistant threats. SONAR detects potentially malicious applications before traditional virus and spyware software can come up with a solution.

Norton Security offers a 100% guarantee* that will result in a refund for customers if a Norton expert fails to remove a virus from a PC or Mac.

Norton Security's management portal has been updated to make it easier to add protection to new devices, view protection status, and manage their subscription details.

Norton Mobile Insight protects against apps that leak personal information/content from devices, change settings, place ads in the notification bar, and require high battery or data usage. Such information gives consumers more insight into what personal information is being collected and why their data plan costs may be rising, before they even download the app.

Norton Security Premium offers consumers the option to back up and save files on their PCs. Consumers can also purchase additional backup in 10GB increments at a pro-rated price, allowing them to pay only for what they use, and receive a consolidated request for renewal once a year.

Norton Security comes with 24x7 customer support from technical experts both by phone and online at no additional cost for a period of one year. Norton Security is backed by a team of more than 500 security experts around the world. The team uses more than 41.5 million attack sensors recording thousands of events per second from more than 157 countries. Norton and Symantec protect 1 billion systems, scan more than 30% of the world's email traffic, and protect over 135 million consumers every day. More than 31 billion URLs, 1.7 billion web requests and 25 billion executable files are tracked daily.

Interested?

Prices for Norton Security begin at S$59. Norton Security is available for purchase online, in retail stores and through value-added resellers, as well as at sg.norton.com.

[1] PassMark, September 2014, An overall performance test score comparison
[2] Dennis Labs, September 2014, Tracking Anti-Malware Protection 2015
[3] AV-Test, September 2014, Real World and Vulnerability Protection, Performance and Remediation Report
*Restrictions apply. Users must be enrolled in Norton's automatic renewal service online. See Norton.com/guarantee for more information.