Skip to content

Why You Need Backup For Google Workspace

GREYCORTEX Mendel 3.9 Now Available

June 20, 2022 – We have released a new version of GREYCORTEX Mendel. Version 3.9 is more interactive, safer and allows even deeper data analysis than ever before. We have increased the interoperability of Mendel with other tools and extended the hardware support.

More about GREYCORTEX Mendel 3.9

Is Litigation Hold a Reasonable Replacement for Backup in Microsoft 365?

We get asked this question often, and at face value, it’s easy to see how one could equate litigation hold with backup – both have something to do with ‘preserving’ data. However, the reality is that backup and litigation hold differ on many points, and any company that fails to understand the differences between them (and the utility of each) will eventually learn the repercussions the hard way. Let’s explore the key differences between litigation hold and backup.

What Is Litigation Hold?

The term ‘litigation hold’ comes from US case law (2003, Zubulake v. UBS Warburg) where the judge ruled: ‘once a party reasonably anticipates litigation, it must suspend its routine document retention/destruction policy and put in place a ‘litigation hold’ to ensure the preservation of relevant documents.’

In 2010, Microsoft introduced a litigation hold (sometimes referred to as legal hold) retention feature for Microsoft Exchange to support eDiscovery. The feature was intended primarily as a way of preserving data should there be a legal need to preserve it for access and viewing during a litigation. Think of it as being for documentation purposes, not as a way to restore data back in place to operating platforms like Microsoft 365.

Microsoft later added the ability to create what they call in-place holds, which are holds based on a query (such as “find all messages containing the phrase ‘Project Starburst’). The back-end implementation of litigation and in-place holds are slightly different; you can see more details in Microsoft’s documentation

Let me say it again, slightly differently: Litigation hold wasn’t designed with the intention of serving as a backup service. Yet, some still try to rely on it as a backup solution, particularly to make ends meet when not having a designated data security plan (including a third-party backup solution), with the reasoning that “some sort of data preservation is better than none, right?” 

However, there are many drawbacks and substantial risks associated with these types of setups that lead to a risky, false sense of data security. Some of the shortcomings and risks of relying on litigation hold as a backup are: 

  • Data storage quotas capped at only 110 GB 
  • Some eDiscovery features require additional-cost licenses; if you don’t buy the licenses, you can’t use the features 
  • User mailbox data is only kept while an Exchange Online license is assigned to the user. When a user leaves or becomes inactive, removing the license will eventually remove the data.   
  • Recovering data needs an administrator and is a time-consuming process 
  • The held data is not physically separate from the original copy  

The bottom line is that you can’t depend on litigation hold or in-place holds as mechanisms for general-purpose recovery from mistakes or disasters. That’s not what they’re meant for, and you run the risk of losing data if you try to use them for that purpose.

What Is Backup?

Backup, by definition, provides one or more additional copies of your data, stored in a location physically separate from that of your primary dataset. Physical separation is a fundamental facet of backup, since storing your backup data in the same location as the primary data represents a single point of failure.  Effectively, there is no data redundancy in these types of setups. 

With traditional on-premises backup, the physical separation rule meant having an off-premises backup stored in another building – so that in the event of a disaster, e.g. a fire in one building, would not destroy all your data. For cloud backup, it’s fair to ask ‘what cloud does my backup data go to?’ The answer is usually either ‘Microsoft Azure’ or ‘Amazon Web Services.’ Ideally, you want that data going to a cloud not operated by your SaaS application vendor (so, it wouldn’t be fair to put your Microsoft 365 data into Azure); otherwise, you’re violating the physical-separation rule.  

Any service that is not providing this separation of copies is not—and should not be—considered a true backup. 

At Keepit, we talk a lot about the ‘3 Ms’ that can cause data loss: mistakes made by people; mishaps at the SaaS application vendor; and malicious actions from inside or outside the organization.  

Following data protection best practices, a properly executed backup scheme provides against all three of the Ms if anything should happen to the primary (original) dataset: malicious action in the form of a ransomware attack or a disgruntled employee; mistakes where someone with legitimate access accidentally deletes important data (or needs to back out changes they didn’t want to keep); and mishaps, where the service provider has an outage or data loss. Litigation holds can’t protect you against all 3 of the Ms: there’s no physical separation, limited ability to do large-scale restores, and no real concept of version control.  

What to Look for In a Cloud SaaS Backup Solution

Besides the must-have features of data redundancy and availability, a worthy backup solution will offer a multitude of convenience and productivity-boosting tools and services, further distancing it from litigation hold. The first thing to look for is a solution that’s purpose-built for the cloud, not a refurbished or reskinned on-premises solution. Rather, a good, dedicated third-party backup solution.  

Here are some of the key benefits to look for in a dedicated third-party backup solution: 

  • Simple, quick restoration of the data you need, when and where you need it, in the format you need it 
  • Direct restore from live storage, with no waiting for offline or near-line storage 
  • An intuitive interface for quickly and easily finding and previewing specific files or messages before storing them 
  • Secure, immutable storage in an independent cloud 
  • Flexible geographic storage options to cover your data sovereignty requirements 
  • A predictable and transparent cost model, with no hidden surprise charges for data ingress, egress, or storage 

For more insight into data protection in the cloud era, get an in-depth look via the e-guide on Leading SaaS Data Security. Or, if you’d like to learn more about Keepit backup and recovery services for Microsoft 365, Salesforce, Google Workspace, and others, visit this page. 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Toyota Motor Corporation Adopts ITOCHU Techno-Solutions’ “Vehicle Inspection Information System,” Integrated with CyberLink’s FaceMe Facial Recognition, for Vehicle Quality Control

TAIPEI, TAIWAN – June 16, 2022 – CyberLink Corp., a pioneer of AI and facial recognition technologies, has collaborated with ITOCHU Techno-Solutions to integrate with its AI facial recognition engine, FaceMe. As a FaceMe partner, ITOCHU Techno-Solutions used FaceMe to develop a new version of its “Vehicle Inspection Information System” for adoption by Toyota Motor Corporation to improve vehicle quality management.

About the Vehicle Inspection Information System

The Vehicle Inspection Information System is a quality management system for reviewing the inspection results of finished vehicles. FaceMe provides high-speed and precise facial recognition to ensure that only certified inspectors can inspect finished vehicles. Its touchless facial authentication and high accuracy also improve work productivity. Moreover, its ability to perform facial authentication without inspectors needing to remove their hats and masks helps prevent infectious diseases.

The factory has already deployed multiple Android devices for face authentication. Using CyberLink’s FaceMe, qualified inspectors can authenticate their faces while still wearing hats, goggles, and masks to immediately perform a face match.

Why should I adopt FaceMe?

To prevent the spread of COVID-19, users should authenticate their faces while wearing masks. Adopting FaceMe is an excellent choice due to its ability to perform facial recognition while users wear masks and because of its outstanding market recognition.

“Due to recent COVID-19 infections, our workers must wear masks all the time,” said Mr. Imato, Assistant Manager of Toyota Motor Corporation. “We’ve adopted FaceMe because of its outstanding performance, specifically in face matching when performing facial recognition on mask-wearers. It allows us to improve productivity and concentrate on the inspection work itself. Moreover, CyberLink has also supported us in eliminating environmental problems usually encountered with facial recognition, such as bright factory lighting and dimly lit car interiors.”

“We are honored that ITOCHU Techno-Solutions has integrated our FaceMe facial recognition SDK in its Vehicle Inspection Information System, and Toyota Motor Corporation, whose top quality represents Japanese manufacturing worldwide, has chosen this system,” said Dr. Jau Huang, CEO of CyberLink Corp. “FaceMe brings world-class accuracy and anti-spoofing technology to ITOCHU’s system, making Toyota Motor Corporation’s quality control processes more convenient and productive. It has also helped prevent infectious diseases while creating a market for smart factories.”

“Using deep neural network AI technology, FaceMe is an attractive product due to its quick speed and high accuracy in facial recognition,” said Mr. Matsunaga, Division Manager of ITOCHU Techno-Solutions Co., Ltd. “Our customers have spoken highly of FaceMe, so we are delighted to be able to integrate it with our systems. CyberLink’s support during the verification process was also helpful. We plan to extend our services to other factories in the future, so we appreciate their continued support.”

ITOCHU Techno-Solutions Co., Ltd. (“CTC”) is a comprehensive IT services partner. Providing consulting, design, development/construction, and operational/maintenance support services, CTC combines advanced IT solutions and cloud services to solve customer problems. CTC provides the best services in telecommunications, broadcasting, manufacturing, finance, distribution/retail, fields of public interest, life sciences, and science and engineering.

Visit CTC: https://www.ctc-g.co.jp/

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

SAVIA enables its customers’ secure digital transformation with Awingu

Savia (Soluciones Avanzadas en Informática Aplicada) is a Spanish specialist provider of payroll and personnel management solutions for the public administration. More than 500 public organizations digitize and automate human resources administrative processes with their technology, gaining in efficiency and focusing on boosting talent and public performance. Their projects go beyond the technological aspect and put people at the center by accompanying them in the process of change to achieve the digital and cultural transformation of organizations.

Currently, Savia uses Awingu to facilitate their clients’ access to their cloud platform. They achieve this with a simpler, faster login and all framed in a single point accessible through a browser. In the past, they used RemoteApp or a remote desktop connection, which fell far short of Awingu, as Javier Prieto, Head of Marketing at Savia, explains. The key role played by our technology partner Claranet, working together with the Spanish distributor MCR, helped them to identify how Awingu could support them.


Public services have been digitizing at a rapid speed. With Awingu, fast also means secure and scalable.

The digitization of public administration

One of the biggest problems for personnel departments is the excess of low-value tasks and the need for strategic focus. Technology and specialized services digitize all these administrative processes in their department, resulting in a change that is transferred to the entire organization.

The public sector has been accelerating its digitization exponentially, and employees play an essential role in that transition. HR teams are a driving force behind cultural and digital transformations and must be the first to internalize those changes and the new ways of working.

Therefore, Savia’s technological accompaniment, advice and support, in combination with Awingu, is contributing to the efficiency, digitization and improvement of the Public Administration, ultimately impacting on public service.

In search of a secure and easy solution

To facilitate this, Savia was looking for another solution to provide access to their users. This solution had to meet several requirements related to security, simplicity, and scalability:

  • Bringing greater security to their cloud services: isolating their solutions with an additional layer of security between the applications and the user.
  • Provide a less vulnerable form of access: Such as a remote desktop, which is more susceptible to certain threats.
  • Accessibility for your users: Allowing your solutions to be accessible regardless of architecture, OS, or device.
  • Scalability: Being able to scale resources based on demand.

They looked for a browser-based HTML5 solution and found Awingu among different alternatives. After testing, SAVIA quickly confirmed that Awingu matched its aforementioned needs:

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

CyberLink Releases FaceMe® TimeClock and Smart Retail, Expands Its Facial Recognition Offering

Leveraging the FaceMe Platform’s APIs, this new generation of applications expands the world’s leading facial recognition engine into targeted use case- or industry-specific solutions

TAIPEI, TAIWAN — June 09, 2022 — CyberLink Corp. (5203.TW), a pioneer of AI and facial recognition technologies, announces the introduction of its first use case-specific solutions designed to augment functionalities, improve accuracy, and boost the performance of error-prone or labor-intensive workflows. FaceMe TimeClock addresses the shortfalls of tracking time and attendance, such as the potential for card swapping or theft and bottlenecks at the beginning and end of workers’ shifts, while automatically and accurately updating attendance records. FaceMe Smart Retail can entirely automate visitor statistics collection and analysis, simultaneously preserving individuals’ anonymity and ensuring other ethical considerations are respected 100% of the time. Both leveraging the FaceMe Platform’s APIs, these ready-to-deploy and easy-to-use cloud-based solutions bring one of the world’s most advanced facial recognition technology into everyday business applications.

Each time an employee comes to work and leaves, FaceMe TimeClock matches a live view of their face to an encrypted template consisting of otherwise unusable facial vectors, accurately tracking their attendance. The solution comes with a complete set of administrative tools to enroll employees, manage databases, and monitor attendance at the group and individual levels. Administrators can check individual attendance reports to understand trends and make more informed decisions. It is a perfect fit for smart offices and factories, retail, hospitality, and more.

FaceMe Smart Retail is an analytics solution that doesn’t identify individuals but uses FaceMe’s ability to measure in-store traffic and estimate key parameters such as age, gender, and facial expression. It aggregates data and enables comprehensive analyses to derive valuable insights on visitors and how to enhance their future experiences. Store owners can access the dashboard, perform analysis, and run reports from any browser. The intuitive interface makes it easy to manage cameras from multiple locations and accommodate deployments of any scale. FaceMe Smart Retail is the ideal tool for operators who care about customer service, especially in the retail and hospitality industry, which thrives on an accurate understanding of visitors’ needs, preferences, and trends.

“Facial recognition is going mainstream. Major improvements in hardware performance and affordability, combined with more precise, AI-powered models, have enabled the technology’s deployment into more valuable use cases while driving society’s fast-growing adoption,” said Dr. Jau Huang, CEO of CyberLink. “We are proud to introduce FaceMe TimeClock and FaceMe Smart Retail, our first use case-specific solutions, to the market and expand the realm of possibilities for facial recognition technology, confirming its invaluable potential.”

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

Keepit Secures Debt from Silicon Valley Bank in Partnership with Vækstfonden to Fuel Growth


Funding to support fast growth into new markets and hiring talent
London – 9 June 2022 – Silicon Valley Bank, the financial partner of the innovation economy, has provided a $22.5 million debt financing package to Keepit in partnership with Vaekstfonden. The fresh capital will help fuel further international expansion, hiring, and product development as it continues to scale and build out its market-leading platform for SaaS data protection.

Keepit will use the capital for strategic growth purposes, extend its cash runway ahead of future rounds, and minimize dilution during this strategic growth phase. Keepit will use the debt facilities to support the creation of new services and capabilities as well as new roles within the organization as it grows internationally and adds further market-leading functionality to its product offering.

Founded in 2007 in Copenhagen, Denmark, Keepit is a leader in cloud backup and recovery and the world’s only independent, vendor-neutral cloud dedicated to SaaS data protection with a blockchain-verified solution being sold worldwide. The financing from Silicon Valley Bank follows Keepit’s $30 million Series A funding round in 2020.

Frederik Schouboe, CEO and co-founder of Keepit, commented:

“The support from Silicon Valley Bank and Vaekstfonden is a testament to the strength of our business. The strides we have made in the sector have placed Keepit as a market leader. This additional funding now enables us to accelerate our key strategic plans to help fuel the next phase of growth for Keepit.”

Sebastian Penn, Managing Director of Silicon Valley Bank, Denmark, commented:

“Silicon Valley Bank is delighted to extend its partnership with the outstanding team at Keepit. It is great to see further funding within the Danish innovation economy and Keepit is innovating to support the growth of the broader SaaS ecosystem. We look forward to watching the team continue to grow, build, and scale globally.”

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.


About Silicon Valley Bank
Silicon Valley Bank, the bank of the world’s most innovative companies and investors, provides commercial banking services, expertise and insights to the technology, life science and healthcare, private equity and venture capital firms.

Silicon Valley Bank operates in centers of innovation around the world and is one of SVB’s core businesses. With global commercial banking services, Silicon Valley Bank helps address the unique needs of its dynamic, fast-growing, innovative clients.
Visit Silicon Valley Bank’s website to learn more.

Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorized and regulated by the California Department of Financial Protection and Innovation (DFPI) and the United States Federal Reserve Bank; authorized by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request. © 2022 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license.

What’s Key to Contract Language for a Cloud Exit Strategy

Put in the simplest terms, a cloud exit strategy, also known as a reverse migration, is the process of creating a plan to ensure a company can effectively transition out or—or between—various cloud services. 

Naturally, this should be a focus area for all companies moving to the cloud or engaged with outsourcing in general, either between cloud vendors in connection with retendering, or back to on-premises insourcing.

Regulations driving the need

Certain regulated industries have, in comparison to other industries, a more mature risk-based approach to exit strategies as the regulatory bodies overseeing them have more broadly developed requirements. In the financial industry, for instance, it is mandatory that financial institutions develop and implement comprehensive exit plans that are not only well documented but also, where appropriate, sufficiently tested. 

Companies in other industries could adopt the same approach. The reason for the financial regulators to focus on these issues and to require financial institutions to do this is in order to protect the overall stability of the financial systems due to the important role they play in our society. 

Financial institutions will, among other things, ask the cloud vendor to provide certain clauses in the cloud agreement that support the financial institution’s exit strategy. To cater to this, Keepit has developed amendments to our standard offering to customers that will provide additional services in connection with an exit.

Top 3 considerations for cloud exit strategy amendments:

  • Clearly set out the obligations of the existing service provider in the case of a transfer of the outsourced function to another service provider or back to the customer, including the treatment of data
  • Set an appropriate transition period during which the service provider, after the termination of the outsourcing arrangement, would continue to provide the outsourced function to reduce the risk of disruptions 
  • Include an obligation of the service provider to support the customer in the orderly transfer of the function in the event of the termination of the outsourcing agreement 

Managing data and costs

Depending on how simple and transparent the cloud vendors’ price models are, the customer could also focus on the costs in connection with such a transition, for instance, in the form of egress charges.  Keepit has a super simple price model with no egress or ingress charges, but that is far from the standard in the market. Generally speaking, services based on public clouds charge for egress and ingress.  

The actual migration of data in connection with an exit is more difficult to define in advance, but the vendor should be willing to assist and support the migration against payment for the services rendered. It is important to keep in mind that “data” in this context is not just the files themselves – the word document or the XLS. “Data” is also all the metadata surrounding the files – the business and technical context of the data processing. Keeping and transferring metadata can be a challenge. 

However, by having a backup and recovery solution built on blockchain-verified, immutable technology, Keepit enables organizations to document cloud data processing of data transitions from one primary vendor’s service to the next – provided, of course, that you keep an independent backup of the datasets. 

Takeaways on data regulations and data portability

On a general note, and separate from the above, exit rights in the form of data portability rights have been, at least partly, regulated in the European General Data Protection Regulation (GDPR), where data portability requirements allow individuals to obtain and reuse their personal data for their own purposes—across different services. The right allows the data subjects to move, copy, or transfer personal data easily from one vendor to another, safely and securely, without affecting its usability. 

Although the right is intended for data subjects (the individuals), it has, to some extent, transgressed to companies focusing on the availability to move data from one vendor to the next, which has created a demand for tooling to support such data portability needs. Keepit allows the customer to move the data and to provide certain tooling to do that at no additional charge. 

Finally, having a third-party backup of your data does counter the risk of lock-in with the specific vendor as you have your data available through the backup vendor. Although not the primary reason to ensure a backup, we do see this as an additional benefit to having third-party backup. 

Read more about Keepit and hear what some of the companies that rely on Keepit have to say at www.keepit.com/customers/ 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

ESET Threat Report details targeted attacks connected to the Russian invasion of Ukraine and how the war changed the threat landscape

  • The number of RDP attacks dropped for the first time since the beginning of 2020 (-43%), with attack attempts against SQL (-64%) and SMB (-26%) following.
  • Prior to the invasion of Ukraine, Russia and some countries of the Commonwealth of Independent States (CIS) were typically excluded from ransomware target lists, possibly due to the criminals residing in those countries or fearing retribution; in T1 2022, Russia faced the largest share of detections (12%) in the Ransomware category.
  • The war brought on an influx of phishing and scam campaigns taking advantage of people trying to support Ukraine; these were detected almost immediately after the start of the invasion.
  • In March and April 2022, Emotet operators shifted into a higher gear, launching massive spam campaigns using weaponized Microsoft Word documents, leading to the 113-fold increase of Emotet detections in T1 2022.
  • Emotet’s campaigns were reflected in the Email threats category, which grew by 37% in T1 2022.

BRATISLAVA — June 2, 2022 — ESET released today its T1 2022 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research. The latest issue of the ESET Threat Report recounts the various cyberattacks connected to the ongoing war in Ukraine that ESET researchers analyzed or helped to mitigate. This includes the resurrection of the infamous Industroyer malware, attempting to target high-voltage electrical substations.

ESET telemetry also recorded other changes in the cyberthreat realm that might have a connection to the situation in Ukraine. Roman Kováč, Chief Research Officer at ESET, clarifies why this report is so focused on cyberthreats related to this war: “Several conflicts are raging in different parts of the world, but for us, this one is different. Right across Slovakia’s eastern borders, where ESET has its HQ and several offices, Ukrainians are fighting for their lives and sovereignty.”

Shortly before the Russian invasion, ESET telemetry recorded a sharp drop in Remote Desktop Protocol (RDP) attacks. The decline in these attacks comes after two years of constant growth – and as explained in the Exploits section of the latest ESET Threat Report, this turn of events might be related to the war in Ukraine. But even with this fall, almost 60% of incoming RDP attacks seen in T1 2022 originated in Russia.

Another side effect of the war: While in the past, ransomware threats tended to avoid targets located in Russia, during this period, according to ESET telemetry, Russia was the most targeted country. ESET researchers even detected lock-screen variants using the Ukrainian national salute “Slava Ukraini!” (Glory to Ukraine!). Since the Russian invasion of Ukraine, there has been an increase in the number of amateurish ransomware and wipers. Their authors often pledge support for one of the fighting sides and position the attacks as personal vendettas.

Unsurprisingly, the war has also been noticeably exploited by spam and phishing threats. Immediately after the invasion on February 24, scammers started to take advantage of people trying to support Ukraine, using fictitious charities and fundraisers as lures. On that day, ESET telemetry detected a large spike in spam detections.

ESET telemetry has also seen many other threats unrelated to the Russia/Ukraine war. “We can confirm that Emotet – the infamous malware, spread primarily through spam email – is back after last year’s takedown attempts, and has shot back up in our telemetry,” explains Kováč. Emotet operators spewed spam campaign after spam campaign in T1, with Emotet detections growing by more than a hundredfold. However, as the Threat Report notes, the campaigns relying on malicious macros might well have been the last, given Microsoft’s recent move to disable macros from the internet by default in Office programs. Following the change, Emotet operators started testing other compromise vectors on much smaller samples of victims.

The ESET T1 2022 Threat Report also reviews the most important research findings, with ESET Research uncovering: the abuse of kernel driver vulnerabilities; high‑impact UEFI vulnerabilities; cryptocurrency malware targeting Android and iOS devices; a yet-unattributed campaign deploying the DazzleSpy macOS malware; and the campaigns of Mustang Panda, Donot Team, Winnti Group, and the TA410 APT group.

The report also contains an overview of the numerous talks given by ESET researchers in T1 2022, and introduces talks planned for the RSA and REcon conferences in June 2022, showcasing ESET Research’s discovery of Wslink and ESPecter. These appearances will be followed by a talk at the Virus Bulletin Conference in September 2022.

For more information, check out ESET T1 2022 Threat Report on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Why you shouldn’t post children’s photos online

We often teach children not to speak to strangers, but we seldom realize that we may actually be offering them up for exploitation by strangers on the internet every day. While it comes natural to many of us to shield our children from the dangers awaiting them in the real world, the digital world is, to many, still some sort of shifted reality, not real, a fantasy. But due to technology use, we (global IT users) have arrived at a place where much of our reality happens in the digital realm.

It is so easy to get swept up by the fantasy of presenting your perfect, happy life on the internet for all to see, and our children are a big part of that. It is only natural that we want to share the happiest moments of our lives with those we love and connect with daily. Just remember the joy you felt when you found out you were having the baby you always dreamed of having, the first day your child went to school, or their 5th birthday. These are the happy moments we want to capture and keep memories of forever. The internet and social media are great libraries for storing all these precious moments. However, this may not be the best approach for our children.

At present, it is believed that children born today will have the biggest digital footprint in history. According to 2018 a report by the Children´s Commissioner for England, an average person in the UK will have had 70,000 posts shared about them online by the time they turn 18. That is a huge amount of data shared and stored about a person. This data is then accessible to many more than you might realize. Let us look at some threats this poses to your child´s safety, and not only online.

 

1. Your image no longer belongs to you
Anytime you post a picture on social platforms, that image is no longer exclusively yours. The terms and conditions of these platforms often state that the moment an image is uploaded onto their server, they are free to use it without consent. While you retain the copyright to the image, the platform whose servers host the image owns the license. In other words, the social platform is allowed to use your picture in any way they see fit.

2. Baby Identity? My Identity
Sharing your children´s information or images online may result in identity theft. Posting ultrasound pictures, with sensitive information, exposes the child to risks even before they are born. Sometimes, a post may include a child´s name, date of birth or location. Then, in just a few clicks, a perpetrator may discover the parents’ personal information. Combine all that with data breaches and social security numbers readily available on the Dark web, and you have a quick and easy recipe for identity theft – with hackers possibly obtaining credit in the child´s name. According to banking leader Barclays, risks stemming from posting your children’s pictures online will account for two-thirds of identity fraud and financial scams facing young people by 2030.

3. Metadata says it all
Social platforms are not responsible for striping your images of metadata. This includes, for example, your location, type of device used to take the photo and so on. An average digital perpetrator may very easily use this to locate your child, where they go to school, where you live, what extracurricular activities they attend, and where. Even a photo of your child’s art project may include their name.

4. Attract the wrong crowd
A good rule of thumb is, if there is the slightest doubt in your mind about a photo, it’s better not to post it. Also, try to refrain from posting nude baby pictures online. Even an innocent potty-training photo, or a child running around the garden nude, may attract the wrong crowd, and a photo of your child may end up in ill-intentioned hands.

5. Permission is your mission
Realizing your children will inherit the consequences of your online behavior is a serious thing. As such, seeking your children’s permission to post them, or anything about them, on your social media makes them conscious that there are choices to male and consequences -both positive and negative- too. If you want to post a picture of your child with another child, you should ask their permission, too, or that of their parents or legal guardians, just as you would an adult. In France, if you post a picture of your child online and they later object, you might face a fine of 45,000 EUR, or jail. Similar laws are in place in Italy.

6. Reinforcing bad habits
Posting about every single moment of your child’s life may reinforce bad habits and create a false reality that sharing everything online is okay and harmless. Make sure you teach your children to use social media and online spaces safely and responsibly. Talk to them about the dangers, but also show them the fun part of it. Unlike you, they were never given the choice to opt in, and can’t escape the online world. Instead, they will have to navigate their way around it.

Considering that social media platforms have a policy of only allowing people over the age of 13 to use their services, you should also think twice before posting your child online. Many of us have decided to use social media, but your child may not have made the same choice. The safety of our children is the highest priority, and their digital safety should not lag behind. If your child uses social media, make sure they stay safe with ESET Parental Control, which helps you keep your child safe and secure online.

After all, taking your own, and your child’s, safety and digital security seriously and responsibly is the best choice you can make. Making sure your child understands what you do, and why you do it, is essential to bringing up responsible users of the internet. However, we cannot expect them to know their way around without giving them the road map. Talk to them and explain our crazy digital world. You are, and should be, their first contact with a safer internet.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.