In spite of the consistent reports of hackers exploiting the COVID-19 pandemic to carry out their illegal activities, a significant percentage of users in Southeast Asia still believe that their online activities are safe. This is one of the major findings in Kaspersky’s report titled “More connected than ever before: how we build our digital comfort zones.”
The cybersecurity firm’s report found that the majority (82%) of the respondents from Southeast Asia (SEA) think that their digital lifestyle is safe for their data’s privacy. This is 7% higher than the global average at 75%.
Conducted last May 2020 among 760 respondents from the region, the research also showed that only 1% of the users in SEA admitted that living virtually feels very unsafe for them, two notches lower than the world view at 3%. The remaining answered they feel unsafe (11%), still lower than the global percentage at 16%, while some 5% were unsure.
“Based on this study, SEA online users are spending five to 10 hours per day online and admitted that the lockdown measures have increased their time spent virtually by two to five hours per day,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “With our devices being an extension of offices, banks, shopping malls, schools, and more, now more than ever do we need to look into how we keep our accounts and devices locked safely to keep our digital lives and assets away from the hands of cybercriminals.”
Despite the high confidence in the region, survey respondents also admitted to being hacked online. Users acknowledged that their social media accounts (21%), their email accounts (20%), their mobile devices (13%), their Wi-Fi networks (12%), and their banking accounts (12%) have been hacked.
There’s another 2% who even confirmed their accounts have been compromised more than three or four times, while 24% are certain that their data had never been leaked. Almost 2-in-10 of the respondents also confessed they are not sure if their accounts were compromised ever as they do not know how to check (18%) while another 14% revealed they have never checked at all.
When asked about what they did after discovering their accounts’ security was breached, more than half of users (57%) in SEA changed their passwords to all relevant wireless devices and digital accounts and another 54% updated their security codes to only the affected wireless devices and digital accounts.
Only 23% of the respondents who experienced hacking installed security software to protect their accounts while 14% took their hacked devices to an IT expert. There was a small percent (4%) who chose to do nothing.
As more users utilize the internet to keep their sense of normalcy during this time, Kaspersky advises the following to keep them safe online:
Take your online privacy seriously and don’t share or permit access to your information with third parties unless absolutely necessary, to minimize exposure of it falling into the wrong hands.
Start using “Privacy Checker” that helps consider setting your social media profiles to private. It will make it harder for third parties to find highly personal information.
Use a reliable security solution like Kaspersky Password Manager to generate and secure unique passwords for every account, and resist the temptation to re-use the same one over and over again.
To find out if any of the passwords you use to access your online accounts have been compromised, use a tool such as Kaspersky Security Cloud. Its Account Check feature allows users to check their accounts for potential data leaks. If a leak is detected, Kaspersky Security Cloud provides information about the categories of data that may be publicly accessible so that the individual affected can take appropriate action.
With work-from-home being a policy still employed in countries across the region, experts suggest enterprises the following:
For businesses, teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords.
In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address and other personal information.
Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties