There were no immediate reports from authorities of damage or casualties
asia1 hour ago
Often times, the only thing standing between you and ruinous financial consequences is a strong password, security experts say.
With how hectic our daily lives have become, it is hard to spare more than a thought for something that is not considered to be a task in need of immediate attention – sadly, passwords seem to fall into this category. World Password Day, though, would beg us all to reconsider.
Maher Jadallah, regional director - Middle East, Tenable, explains that World Password Day, which falls every year on the first Thursday in May, is an initiative to encourage individuals to create and use strong passwords.
“Practically everything we do in both our personal and professional lives involves an online identity,” he said. “Whether it is accessing corporate networks, utilising electronic communication and messaging services, sharing video clips with our friends and family via social sites, all require some form of identity verification for access that typically takes the form of a username and password combination.”
The issue, he says, is that vast databases containing these combinations are available on the dark web. Every time one site is breached and this information exposed, attackers will try these against other virtual locks to see if they will open more than just the compromised account. Unique password and username combinations will prevent credential stuffing, but this creates another challenge.
“When you think about the number of online accounts any person has, this can quickly mount up to be in the hundreds,” Jadallah said. “Password managers can help, allowing users to have numerous password combinations, while ensuring all these ‘keys’ are stored and accessible, but isn't this just delaying the inevitable. While strong passwords are beneficial, organisations could be doing more to implement stringent security verification; multifactor authentication, one time passcodes, and biometrics such as fingerprint, iris scan, and facial recognition all provides a much stronger lock to keep attackers out.”
Avinash Gujje, practice head – Infrastructure, Cloud Box Technologies, agrees and said that traditional passwords will never become extinct, however, the mode of the password usage will definitely change. “Today, in any IT environment, the end user password has rapidly changed into face recognition, touch based or multi-factor authentication, however the core systems still depend on traditional passwords policy due to the system dependencies.”
Duane Nicol, a cybersecurity expert at Mimecast, says that cybercriminals are capitalising on poor password hygiene and a lack of cybersecurity awareness from end users to bypass an organisation’s defences – with potentially ruinous consequences. He also noted that the Covid-19 pandemic and switch to remote work created new vulnerabilities that cybercriminals are working hard to exploit. In response, organisations should build greater cyber resilience by implementing updated security controls and prioritising regular cybersecurity awareness training to protect employees, and the business, from attacks.
“Our research has found that users that are exposed to regular cybersecurity awareness training were more than five times less likely to click on dangerous links originating from phishing emails,” says Nicol.
The research shows that 75 per cent of respondents in the UAE believe that their employees’ poor password hygiene is putting their company at risk. In addition, 50 per cent of UAE respondents expect security naïve employees to be their biggest e-mail security challenge in 2021, compared to a global average of 43 per cent.
Nicol says that good password hygiene and high levels of awareness of different cyberattack types are proven methods for reducing the risk of an attack and protecting organisations and their employees. “Effective training is engaging, interesting, and frequent, and encourages users to regularly update their passwords and teaches them how to identify phishing e-mails that could be tricking them into handing over sensitive information.”
Users, he said, should always use passphrases as these are far harder to crack, make use of IT approved password managers and ensure they aren’t using the same password across multiple platforms. Having unique passwords across personal and company platforms will ensure that if a person’s social media profile is phished for example, they aren’t at risk of having a corporate account compromised.
Similarly, Amit Hooja, CEO of NetGraph, said that becoming complacent and choosing the easiest path is sometimes driven by business decisions where organisations onboard clients with the least amount of effort and password security, as well as Two Factor Authentication.
“On the other hand, some organisations tend to address and include new and improved features in their quest for better customer experiences and sometimes fail to test for security holes in the background,” he said. “Additionally, legacy code that may have been written two years ago gets left out, is vulnerable, and opens up so many security holes.”
rohma@khaleejtimes.com
There were no immediate reports from authorities of damage or casualties
asia1 hour ago
His captivating performances quickly garnered attention within the magic industry, propelling him to prominence as one of Dubai's most sought-after magicians
kt network1 hour ago
Cyclone Hidaya is likely to 'bring strong winds and large ocean waves, with heavy rainfall' expected to hit the coast starting Sunday
world1 hour ago
Vadra's artistic prowess knows no bounds, as evidenced by his diverse portfolio spanning wildlife, street photography, and commercial art
kt network1 hour ago
The Caribbean admitted to seven charges, including those related to franchise-based leagues in Sri Lanka, UAE and the West Indies, the ICC said
sports1 hour ago
The CST-100 Starliner test mission will ferry two Nasa astronauts to the International Space Station
space2 hours ago
According to Palestinian prisoner associations, the health worker had been detained by Israeli forces while temporarily working at Al-Awada Hospital
mena2 hours ago
Arfan Bhatti, a 46-year-old Islamist who has lived and is well-known in Norway, is suspected of having planned the attack
world2 hours ago