The Irish becoming serious about protecting laptops, less about other devices, but have no idea what data leakage is

The latest research ESET Ireland did was about how covered Irish computers and devices are with antivirus and data leakage protection.

The research by ESET Ireland, was carried out on a thousand people. First we determined what sort of devices the Irish use to connect to the internet:

Am03

Then we found out 90% of Windows-based PC/Laptop users have antivirus installed, as do 63% of Mac users. Linux users, however, still feel confident they’re entirely invulnerable, as only 10% use antivirus protection. The picture is a bit grimmer among mobile users, as only 41% of Android users have their mobiles protected by antivirus, followed by 27% of iPhone users and 26% of Windows phone users.

Am01

But the picture completely changes when it comes to Data Leakage Protection. The Irish, so it seems, are barely aware of data leaks being a problem at all, as 74% answered they don’t know, while about a third of Linux users use some protective measures, as does one in four Windows/Mac users.

Am02

So, while malware awareness seems to have reached a certain satisfactory level among computer users, it is still lacking for mobile devices, even though mobile devices are as much targets of malware as are computers, since they’re increasingly used for accessing social media, various apps and offer various purchasing functionality, which could be compromised by malware, causing the victim direct financial damage.

More surprising is the complete lack of awareness about data leakage, particularly with the amount of coverage the media have already given various data leaks in the past. With BYOD (bring your own device) becoming increasingly popular, this could cause many companies’ sensitive data being at risk of getting lost or stolen.

So, mobile users should give installing an antivirus on their device some thought and all computer and mobile device users would be wise to start paying attention to information on data leakage a bit, if they wish to avoid related trouble.

High cybercrime levels and worrying youth cyber-bullying, latest Irish survey shows

New survey by ESET Ireland reveals what terrible things befall the Irish with regards to their computers and smartphones. One in five Irish had laptop, smartphone or tablet stolen and over 50 per cent had a computer virus infection.

ESET Ireland, the distributor of ESET NOD32 Antivirus, has commissioned a survey to find out what endangers Irish computer and smartphone users the most. The research was carried out by Amárach research on 1018 Irish adults.

We asked Irish computer, smartphone and tablet users if they’ve experienced any of the following, and these are the results we got:

irishcybercrime

54% of Irish computer and mobile device users have admitted to having had their computers infected with various viruses. Although we have no way to prove the correlation with results of a survey we did a few months ago, where 45% of Irish computer users admitted to using free antivirus and 8% using pirated or no antivirus at all, these two numbers do add up to 53%, which being nearly exactly the percentage of the infected too, is an interesting coincidence.

We also didn’t quite expect the relatively high numbers of other distressing things that happened to Irish users. One in five had their laptop or device stolen, about one in seven had their credit card abused, their emails or social media account hacked, fell victim to a scam and 4% even had their identity stolen online. With over three million estimated Internet users in Ireland, we can guesstimate that up to a half a million people were victimized in this way.

A smaller, but not negligible 9% of people have also been victims of unauthorised use of their emails and social media by friends or family, colloquially known as “fraping” (a combination of Facebook and rape), something that usually occurs when people forget to log out. While usually only used to embarrass the victim and not for serious cybercrime, if it occurs with malicious intent among children, it can also be classified as or lead to cyber bullying.

Here it stops being funny, as 5% of all surveyed have admitted to being victims of some form of cyber bullying. Since the survey includes all age groups, the group most affected needed to be looked at more closely. And in the demographic breakdown the age group 15-24, a shocking 13% have said they were cyber bullied. Since the phenomenon is predominant in even younger age groups, we can imagine the results of a survey focusing only on teenagers would give even scarier results. This should be very worrying for parents and teachers across Ireland. Over a year ago, we did a survey where we asked Irish parents if they leave their children unauthorised online, and with up to 73% of children being left unsupervised, we find this very concerning, since Ireland has had some very publicised experience with cyber bullying.
Anti-theft and anti-scam technology can counter these threats, but can’t take over common sense and parenting responsibility

The high level of laptop and device theft is one of the reasons ESET introduced anti-theft GPS tracking technology to the latest version of their security products. To combat scams, ESET introduced anti-scam monitoring as well. But just like with all the safety features in a car and on roads, most still depends on the driver. With computers it is no different. ESET cannot make users be more responsible with their credit card info online, nor force them to use safer passwords to prevent email or social media abuse. We can also not make people log out of their accounts or falling for scams if they ignore the warnings. And most importantly, no software can replace actual parenting or prevent children bullying each other, if those responsible don’t go about it in a cyber-aware manner themselves.

Online security is more than just installing an antivirus and a firewall. It is also knowing about threats and staying informed, as well as acting responsibly when using computers, smartphones and other devices, since, as can be seen from the statistics above, threats come in many shapes and forms and some can also have terrible consequences.

Urban Schrott
IT Securit & Cybercrime Analyst
ESET Ireland

Research reveals nearly half of all Irish computers depend on free antivirus for protection

A recent poll commissioned by ESET Ireland shows 45% of Irish computer users use free antivirus on at least one of their computers, 36% use licensed software, while the rest use a combination of products,  pirated software, none at all or don’t know.

A multiple answer poll conducted among 1000 Irish adults in January has revealed a few interesting things. A very positive one is that the vast majority of computers in Ireland are protected by some form of security software and only 5% use nothing at all, while a 3% minority is mad enough to use pirated antivirus – as that makes about as much sense as having robbers guard jewellers and bank vaults.

A slightly more worrying one is that nearly half believe that a free antivirus is equally effective in keeping their computers safe as a full security suite. While some free security products that can be found online are, honestly, worth less than they cost, it is true that usually free and payable versions of AV from the same vendor use the same core engine, but they don’t have the same functionality and features. In most cases, they’re intended as an evaluation tool. Because of the work that needs to be put into any product, if it’s to be in any way effective, the developer needs to get some return on his investment. In “free” software, this is often done by installing “complementary” toolbars, utilities containing adware-like functionality, etc, where the client is monitored and served with advertisements.  These add-on programs subsidise the cost of the “free” anti-virus potentially at the expense of users’ privacy.

antimalware

Results of January 2013 poll.

Therefore relying on full protection of one’s computer by using a semi-functional security product is somewhat naïve, to put it mildly. Online security these days goes far beyond just sets of virus definitions as was the case with antivirus a decade ago. The multiple-vector attack nature of modern malware and cybercrime in general forces effective security suites to integrate antivirus, firewall, anti-spam, social media scanners and scam-site detectors, using traditional definition-based malware recognition, combined with proactive, behavioural heuristic detection. That is then also backed up by large teams of security experts and analysts, who monitor the web 24/7 for new outbreaks and new forms of attack as well as offer tech support to their users.

Further demographic analysis of the poll show that, as in most similar polls we did, women tend to be more cautious, while men more reckless in computer use. Just as more men than women admitted to using pirated software, visiting dodgy sites, ignoring their security software’s warnings in previous polls, so in this one more men than women use free software (48%), while women prefer to be safe with payable full versions (41%). Only 1% of females use pirated antivirus software, while 5% of men do. Same attitude towards safety as in most previous polls is also revealed age-wise. The young group of 15-24 is the most reckless in using free (46%) and pirated antivirus (6%), while in the 55+ age group is safest, as no one admitted to be using pirated software while the use of free antivirus is 43%. Geographically it is a bit more unusual. While the Dublin area had the lowest use of free software (40%) it also had the highest level of piracy (6%), Connaught/Ulster was the opposite. There 51% rely on free programs, and only 2% use pirated ones.

The conclusion could therefore be, that while awareness of the dangers online is increasing and steps are being taken by users to ensure some level of security for their computers, the naïve perception of the threats and solutions for them is a bit reminiscent of WW2 garden aluminium air-raid shelters. While they may not really offer any serious protection against bombings, they at least reassure that something is being done.

Urban Schrott
IT Security & Cybercrime Analyst
ESET Ireland

A Right Royal Security Blunder

Yesterday’s Guardian reports of an interesting royal IT security failure, when a supposedly non-problematic article of Prince William at work also revealed a large piece of paper with a military login and password clearly displayed in the background. (Guardian’s photo at http://static.guim.co.uk/sys-images/Politics/Pix/pictures/2012/11/20/1353420459724/Prince-William-chats-with-010.jpg)

UK’s MoD has since urgently changed their passwords, but the lax attitude towards IT security, particularly in delicate areas such as the military, does leave a very sour aftertaste. As if revealing the password wasn’t bad enough, the password itself wasn’t very strong either, apparently.

Globally the most widespread passwords still seem to be “123456” and “password” as well as other very simple ones. Statistics show the Irish are a slight bit smarter when it comes to passwords, as the majority do use a combination of letters and numbers at least:


(source ESET Ireland survey, May 2011)

In a series of articles, ESET expert David Harley has also been dealing with the issue of password security, but one worth pointing out in light of the Royal blunder is that the best password in the world is of little use if the site or service or organization that you access with it isn’t taking proper care of it“, from the Password Strategies: Who Goes There article in SC Magazine.So, while the Irish do use better passwords than is the global average, the question remains, where do they have them written down and displayed for everyone to see.

Do more children have to die before parents take their online lives seriously?

ESET Ireland survey: Up to 73% of children are left entirely unsupervised online.

The recent Co. Donegal and Co. Leitrim tragedies, where two teenage girls committed suicide because of online bullying and abuse, reminded us in a most dreadful way that the web isn’t just a nice place of Google searches, YouTube videos and friendly Facebook wall posts. Online life, just like regular life, has its shady sides as well. But while we’re taking many measures to stay safe in real life, the online life is considered less important by most. At least until something tragic occurs.

These horrible events prompted us to attempt raising awareness of the issue once again in hope something does change for the better, and remind the Irish public of the survey we had conducted about a year ago. ESET Ireland had a survey done with over a thousand people participating across Ireland, to find out if Irish children are supervised online. The results were shocking as they revealed that up to three quarters of children are left entirely unsupervised online.

We asked if children of different age groups (ranging from 6 to 16) were left unsupervised online, and as it turns out parents seem to supervise less and less as the children age. So the youngest group of 6-7 years of age were only left unsupervised in 27% of the cases, but then supervision drops incrementally to 73% being unsupervised in the 16 years of age group.

Question: Is your child left unsupervised online?
The graph shows how many parents of children of a certain age said YES.

It is hard to imagine that a third of 6-7 year olds and three quarters of 16 year olds receive absolutely no supervision from their parents while online, when it has also been brought forward by other researchers, that just over one in ten will accept any friend request on social media, and nearly half of them have friends they have never met.

At ESET we believe it’s also a parent’s job to help younger children to develop on-line life skills:

  • Know (and discuss) the dangers. With younger children, learning about safety issues could be a family project where parents and children could learn from each other.
  • Just because it isn’t physical, bullying and abuse online is just as traumatic and cruel as elsewhere and should be detected early, blocked in time and the victim treated as seriously as they would be in the case of any other abuse.
  • The web (and especially social media sites) are full of social interaction with people you or your children may never have met, as well as people that may not have good intentions. Keep an eye on who your children are communicating with and what it is about.
  • Think about installing Parental Control software which lets you monitor and limit computer use, as well as block many categories of offending websites and programs.

11 Tips for protecting your data when you travel

Recently FBI issued a warning about a threat involving hotel Internet service overseas and it produced a lot of requests for advice on how to respond to the threat. So researchers at ESET came up with a list of data security tips for travelers. These tips will help you keep your data safe while traveling and should defeat this particular threat (when a pop-up appears as you are signing in to the hotel Internet and asks you to update perform a software which is actually a malware infection).

  1. Make sure your operating system and antivirus software are updated before you go on the road.
  2. Backup your data before you head out (and store the backup in a safe place).
  3. Consider leaving some data behind or move sensitive data from your laptop hard drive to an encrypted USB stick.
  4. Make sure you have password protection and inactivity timeout engaged on all devices including laptops, tablets, and smartphones.
  5. If possible, only use reputable hotel Internet service providers (ask the hotel who their provider is before you book).
  6. If the hotel Internet asks you to update software in order to connect, immediately disconnect and tell the front desk.
  7. If you use hotel Internet to connect to your company network use a VPN.
  8. Do not use WiFi connections that are not encrypted with WPA (avoid WEP encrypted connections which are easily hacked).
  9. Consider getting a 3G or 4G hotspot and using that instead of hotel Internet.
  10. Avoid online banking and shopping while on any hotel or public Internet connection.
  11. Disable pop-ups in your web browser.

WEP/WPA? How to know which encryption scheme an access point offers

If you are using a Windows 7 laptop you can see the encryption type for any available access point when you display the list of access points from the network icon in the Taskbar (typically lower right of the screen). You may have to hover over the point in the list to see the information.Airport encryption

If you are using a MacBook you can Option-Click the Airport icon for a list that will display the encryption type of your current connection and, on hover, other connections, as shown on the right.

Bonus tip #1: If you are on the road and suspect that your Windows laptop has become infected you can get a free online scan from ESET.

Bonus tip #2: Don’t assume your laptop is safe from malware when traveling just because it is a Mac. Consider installing a reputable antivirus product, for example, you could install a free 30-day trial of ESET Cybersecurity for Mac OS X before you head out on your travels.

Two thirds of the Irish say their software is legit

New survey reveals 67% of Irish use legitimate software, males are more likely to pirate than females, arrrr, and nearly one in five in Munster just doesn’t know what they use

Why is a security company like ESET interested in the use of pirated software? Because in our experience the vast majority of pirated software comes with a little something extra attached. A cracked version of a known graphical editing program or a popular computer game isn’t made freely available online out of the goodness of someone’s heart, but because they have an interest it gets installed along with some additional malicious payload.

ESET Ireland, through Amárach research, asked over 1000 people across Ireland about the legitimacy of their software and these are the results:

 

Since the survey was anonymous, we presume people answered truthfully and the vast majority being users of legal software is good news. The availability of free open source software also makes things easier for many users. But the combined percentage of people using pirated software is still a concern, as is the high number of people that just don’t know if their software is legit.

The statistical breakdown of the results also offers an interesting picture. The worst offenders with only 51% of legal are in the age group 25-34, while 83% of those over 55 don’t use anything pirated. And while most Dubliners know what they use, with only 10% claiming they don’t, people of Munster seem most clueless and 19% answered they don’t know if their software is pirated. And nearly twice as many males (12%) than females (7%) use pirated software.

Statistically eastern Europe is known for a very high percentage of pirated software in use, and it is no coincidence that they also have by far the highest rates of malware infections (when Conficker worm raged worst, less than one in ten was infected globally, but in Russia and Ukraine it was nearly one in three). Usually the worst hit seem to be the users of pirated operating systems, where malware comes placed in the heart of their system and because they do not get regularly updated and patched, they are vulnerable to most targeted zero day threats. These are then closely followed by those using pirated security software. The wolf guarding the sheep or a thief guarding your valuables and all that, you know…

Follow

Get every new post delivered to your Inbox.

Join 78 other followers