May 6 is World Password Day, but every day is a good day to revisit the strength of your security codes as cybercriminals are continuously trying to gatecrash into your online accounts. This is proven by fresh data from Kaspersky.
According to the global cybersecurity and digital privacy company, it has prevented 25% more password stealers in Southeast Asia (SEA) during the first three months of the year compared to the same period in 2020.
Password stealers are a type of malware that steals account information. In essence, it is similar to a banking Trojan, but instead of intercepting or substituting entered data, it usually steals information already stored on the computer: usernames and passwords saved in the browser, cookies, and other files that happen to be on the hard drive of the infected device.
Overall, Kaspersky solutions have blocked 776,684 Trojans designed to steal accounts in Q1 2021, 155,942 more incidents compared with last year’s 620,742.
While Indonesia and Thailand registered a slight decrease, the remaining four SEA countries logged an uptick on password stealers detections, with Singapore registering the highest increase at 79%. This comes on the back of the latest Cyber Security Agency of Singapore (CSA) Public Awareness Survey where 28% of Singaporean respondents experienced at least one cyber incident amidst low levels of antivirus solutions, especially when it comes to mobile devices.
|Country||Q1 2020||Q1 2021|
“It is known that Southeast Asia homes the most active social media users in the world. Especially in Singapore where the digital penetration rate is among the highest in the region at 88.4%, passwords are clearly the first line of defence when it comes to safeguarding our personal and financial data. Hence, it is expected that cybercriminals would be very interested to take over our virtual accounts brimming with financial and confidential data,” comments Yeo Siang Tiong, General Manager for Southeast Asia.
“As we harness the power of technology and the internet, we urge everyone to strengthen their online locks regularly. Like how we improve our security systems as our houses accumulate more assets, we should also be more thorough on how we secure our online properties as we store more data in it,” adds Yeo.
Lessons from The Three Little Pigs
To show the importance of stronger passcodes and cybersecurity measures, Kaspersky reminds users of the classic tale – The Three Little Pigs. The well-known English folk tale’s seemingly simple plot explains the idea behind a brute-force attack.
The tale begins with the three pigs selecting a hardware solution to protect against cyberthreats. It appears to be some kind of Internet gateway. The first chooses a device made of straw (cheap and unreliable), the second opts for wood (more reliable, but still not great), and the third puts up a real firewall made of stones.
The wolf in the fairy tale is depicted as a fairly low-skilled hacker. His approach to the information infrastructure of each little pig is to attack it with the only tool available to him: blowing. As you surely recognize, this is analogous to brute-force hacking. In cybersecurity, brute force is usually applied to cracking passwords.
The tale shows that this technique can indeed be effective when the target doesn’t pay much attention to cybersecurity: The first two porcine huts cannot withstand the brute-force attack, and the attacker gets inside. But with the third, he encounters problems.
In other words, even storytellers two centuries ago knew that using inexpensive routers with default passwords, or practically using weak passwords in general was a recipe for disaster.
To boost your password and to secure your accounts like the third pig, Kaspersky experts provide some quick tips and tools:
- Check the strength of your current passwords. Kaspersky has a free tool to help you on this
- Use Have I Been Pwned, to see if your passwords have been leaked
- Update your password regularly, at least every 90 days. A password manager can assist you in remembering them
- Set up two-factor authentication, so even if your login and password have been stolen, they will not be enough to access your account
- Only download apps from trusted sources
- Use a reliable security solution, such as Kaspersky Total Security, which will be able to identify stealers and stop them from stealing your data