The June 2018 Main Meeting
Tonight, Trend Micro returned with an update of Trend’s Home Network Security device.
This time Shaniel Datt brought along Troy Thomas, Trend’s National Training Manager
to talk about Trend and their new Home Network Security.
Troy started with a brief introduction to Trend, which has been in the security business for over thirty years. Trend pride themselves in having the best protection against web threats.
This is an acknowledgment of how things have changed. The traditional “anti-virus” software is now only part of any respectable computer security software. Trend achieves this protection by using the cloud. Gone are the days when you had to rely on a database on your computer. With Trend’s cloud base protection, you are always up to date. Trend is all about the prevention of web threats and no matter what the threat - phishing, ransomware or ID theft - Trend will simply block the site. For Trend it’s about securing all your devices - your phone, tablet, your Mac or your PC or any device that connects to your network.
So, Troy asked the question “What are web threats?” He went into some detail as to how people can be scammed, starting with identity theft.
We had a quick look at a video with a guy showing the world his new credit card. Our President Alex noted that some people have even posted copies of their cards on social media.
Troy pointed out that the cost of cybercrime was over three billion dollars, with around 140 million malicious web sites being accessed by Australians every year.
The two main problems Troy spoke to were Phishing scams and Ransomware.
Phishing is sending fake e-mails to harvest personal data that gives access to your bank accounts. It drew the name from fishing were you use bait to hook a fish.
Troy started with an example of a scam his friend found from Facebook. He was offered a huge reduction on the maps of a Garmin navigation device and asked Troy why it was blocked. Troy was in a computer store at the time and checked the blocked address. It looked and felt like the real thing, but asked for all his details like name address e-mail etc. The address was so subtitle, there was one letter difference in the fake name.
Troy then stepped us through a well know eBay scam. The victim received an email offering 40% off. Using the link in the email you went to an “eBay” site which asked for your login and password, once they had those they took you to the purchase page and asked for your PayPal details. Now they had access to your eBay and your PayPal accounts.
Why was it so successful? Because it was just like the real eBay site. Even the “tech savvy” were caught because the address was www. EDAY.com, not eBay. Just like the Garmin scam the criminals rely on the fact that your brain will process the whole of the address and miss the one letter change as it is so used to the real address.
Trend will block these sites using their huge cloud-based database. It works regardless of the source of the attack, be it email, web site, messenger or any other social media format.
We then moved on to Ransomware. This is where your computer’s hard drive is encrypted or locked and the criminals then ask for a payment to unlock the machine. Pay up, and if you’re lucky they may even unlock the machine, but as Troy said, “Don’t hold your breath”.
Ransomware is one of the worst phishing scams. Most have looked to steal your money by gaining access to your accounts and with the co-operation of your bank you may avoid the worst effects of the theft. On the other hand, Ransomware, by encrypting your hard drive takes the scam to a new level, pay up or lose your data! Troy continued the history of Ransomware by describing how with the advent of the “Wannacry” virus Ransomware reached new heights. With wannacry, the virus went looking for any hard drive on the network not just the one it had opened on. Troy recounted how one of the first major appearance was on a National Health Scheme (NHS) computer in England which spread rapidly to a host of hospitals and GPs across Britain. For most victims the virus appears as a payment demand from the tax office or as a traffic fine, even a request for your details to deliver a package.
Trend were one of the first to have a Ransomware solution. There are three ways Trend helps. The cloud base protection data base will detect and block the virus. However other vulnerable pathways include shared networks, as with the NHS and shared files like that USB stick with that, “must have” game the kids want to play. Trend springs into action with these situations when it detects your files being encrypted. Trend will pause the encryption and this message appears “Trend has detected XXX program is encrypting your files!”. Now it’s possible you may be encrypting your own files using Windows Bitlocker for example, Trend gives you the warning which allows you to continue if the encryption is legitimate. Then there is a third level. What if the kids have seen the message and said yes or you mistook the file name and thought it was OK. When you install Trend, it give you and option called “folder shield”. You nominate the data files you want the protect say your photos finance folders and document folder and Trend will block any attempt to encrypt those folders. The same protection can be added to network folders such as your external backup drive and even those cloud-based drives like Dropbox. To quote the site
“An enhanced Folder Shield safeguards your valuable files and digital assets both locally and on cloud-synced folders like Dropbox®, Google Drive® and Microsoft ®OneDrive®. “
We had a quick look at an example of how Trend catches a phishing scam.
The “NAB?” has sent you an e-mail or these days it could even be a SMS on your phone. On your PC you may see the fake site by hovering on the link but you can’t do that on a phone so having Trend on your phone will give you access the same protections you get having Trend on you PC.
Home Network Security Device
Then we moved on to the new Home Network Security. This is all about protecting all your internet connected devices. As Troy pointed out nearly every thing appears to have need of an internet connection.
Known as the internet of things or IOT we are increasing seeing household appliances wanting to connect to the internet. We now have home surveillance systems and air conditioners you can turn on by your phone even a connected fridge that can order more milk for you. It may make sense to have our Smart TV or gaming consoles connected, but your toaster? Your washing machine? Troy commented that China can product a Wi-Fi chip for $2 so we will see more device with the ability to connect to our home network. One of the real problems here is that these devices have little or no protection against hacking.
Now, here’s the problem Troy noted that “less than 50% of people change the default password on their modem” You can even see these unsecured security cameras at work through sites like Shodan and Insecam
Here’s an Office in Ha Dong and a bar in Glenwood Springs, Colorado
Short message there is “Change the login and password on your modem”.
So, enter the Home Security Network.
It’s a simple box, easy to set up and designed protect any device on your network. It works on two levels, one it securers your network, two it has the best network controls so you can control what happens on your network. Troy emphasised the parental controls built into the system. You can set up controls for each user with parameters like, what time of day they can login, how much time they can have online and what type of sites they can see.
“Its super easy to use. Out of the box there’s a power cable and a network cable. Plug the network cable into the router, and it works with any router.” That means “it uses your existing router”, much simpler than similar devices on the market which are routers in themselves. The device operates via an app on your phone. Once your read you can use the QR code on the base of the device or simply find it on the various stores. Once installed the app scans your system and detects all the devices on your network, that’s every Wi-Fi device connected to the network.
Then it scans the all the devices for vulnerabilities. That’s how Trend know that most people have not changed the user name and password on their modem. Trend even takes you to the device to fix the problem.
You can then set up all the parental controls, creating profiles for each of the devices such as the children’s tablets and rules for their use. Just before we finished Troy describe how effective these controls were. One day he received notice via the app that the network was under attack via his son’s device. Turns out he had downloaded an innocent looking add-on which created a back door to the network. Like wise his daughter was exposed to an adult site simply because the site had appeared on a messager thread shared by her friends.
Shaniel had given us a look at the Home Network Security in January 2017. You can check that talk out in archives.
Tonight, Trend donated a Home Network Security package and everyone received a little bag with a Trend Maximum Security licence for three devices for one year. We had a few other prizes as well.