Recent Attacks, Insider Threats and Preventive Measures
As technology continues its forward march, so do the methods and means adopted by cybercriminals. Unfortunately, in this tug-of-war, hackers and other cybercriminals seem to have the edge- always finding ways to bypass innovative security measures.
2012 has witnessed several serious data breaches and other types of cyberattacks. The victims include some of the biggest entities in the corporate and even military world. Let us discuss some of them:
Dominos (India) Data Breach and Leak
Dominos is a famous pizza brand not only in the west but also in India. But the brand, especially its Indian arm, suffered a significant image setback when a massive data breach occurred this year. The breach accessed and stole personal data provided for over 18 crore orders. Worse still for the company image, this data made its way into the dark web, available for sale.
The data leak was quite comprehensive and included personal details like email id, name, location and mobile numbers. But according to the firm, the essential part of the personal information- payment details, including credit card details remains safe.
The Mass Cyber Attack on Microsoft Exchange
The mass attack on MS Exchange this year bears out that
sophisticated cyberattacks are increasingly becoming. It affected hundreds of thousands of organizations, including 9 US government agencies besides millions of individual users. The attack took place through 4 zero-day vulnerabilities in the software. Microsoft assures us that the exploit has been subsequently patched.
The Acer Ransomware Attack
Earlier this year, the ransomware group REvil suspectedly infected the Acer data storage system with ransomware. It demanded an unprecedented $50M to return Acer the control over its systems. In addition, the group used images of the data they had accessed to prove their “exploits.”
Insider Threats
No matter how sophisticated, complex or secure you make your computer and IT infrastructure, the human flaw remains. It assumes particular danger due to the increasingly remote nature of today’s workforce.
The demarcation between personal and professional use is significantly blurred. The security implications of the comprehensive transformation of organizational structure, use of the cloud, and the rising number of people with malicious intent are added to that. Besides the various types of malicious intent, another factor makes securing remote workplaces an herculean if not impossible task- human error, oversight, and carelessness.
Insider threats are people within the organization who might willingly compromise with ethical practices at their jobs and make unethical use of their data access privileges. The worst thing is that it is not for tech-savvy treachery to make digital trails end at a dead end.
Consider the recent Verizon study, which found that insider threats lead to 57% of data breaches. Under such circumstances, the somewhat paranoid approach of “trust no one” might be indeed the way forward.
Preventive Measures
God forbid you to make the mistake of taking your firm’s cyber-security lightly, then you are heading towards trouble. Not that taking a couple of steps will bulletproof your cybersecurity. But it can go a long, long way in preventing a cybersecurity mishap. The following steps can help businesses in ensuring better levels of security for their data and IT infrastructure-
Implement a Cybersecurity Plan
Most businesses indeed cannot hire cybersecurity teams. Still, considering the stakes, it would be wise to at least put in place a plan to combat cybersecurity threats. While trying to accomplish this, you can look to NERC CIP for inspiration.
The cybersecurity guidelines of this non-profit corporation are the finest of their kind, making it a de facto industry standard. The agency, intended to safeguard bulk power systems in the northern US, has a comprehensive cybersecurity plan which includes everything from threat categories to recovery.
Knowledge is Prevention
So you have documented world-class security protocols. But few of your employees know about it. I don’t think that would be too beneficial, would it? In the typical business, IT structure employees connect and access data from a database through their devices and then make backups to the cloud. But that means that you are one phishing email click away from hackers gaining access to your precious database.
Furthermore, the employee himself might be completely oblivious of the great calamity he has brought to the organization. Such incidents are just one example. Be rest assured there are plenty of others. The key to getting around such threats is to ensure that all employees are keenly aware of common types of cybersecurity threats and attacks. The free US government-provided training resources of “STOP. THINK. CONNECT.™” can prove to be much more than handy.
Backup,Backup, Backup
Sole, local copies of data are only inviting trouble. One intrusion and all your information goes to the air, not even with the whoosh warning sound! Backups are effective against ransomware attacks too. Suppose you have an unencrypted copy of your data. In that case, you don’t need to pay to decrypt the copy a hacker has encrypted.
Don’t underestimate ransomware; it has made individuals and organizations lose several hundred billion dollars. On your part, make sure that you can rely on the cloud service.
Use Multi Factor Authentication
While many users have gone beyond their partners’ names as their passwords and use complex ones instead, it is still of little use.
You see, hackers have become savvier too and use complex algorithms that can figure out even complex passwords. The way out of this is by using MFA or Multi-Factor Authentication and making it a point to change passwords frequently as routine. As you might have guessed, MFA adds additional authentication layers as OTPs sent to registered email ids or mobile numbers. So go ahead and add another third device to make the previously two-factor authentication method an MFA one.
Always Use an Effective Internet Security Software
Phishing and other forms of cybersecurity threats can be highly sophisticated, and the most aware and alert of employees can fall prey to such a hacker tactic. Considering this adding another protection layer is extremely helpful. Internet Security software can keep you safe from malware and phishing emails, and identity theft. However, it is impossible to monitor and protect yourself from all the components of a hacker’s toolkit by yourself.
Therefore, a good internet security software or software suite is something all cybersecurity experts recommend. They are effective against the majority of such threats. Norton especially has an impeccable reputation in terms of safety.
Secure your wi-fi
Having wi-fi access to the net is convenient. Still, it also opens up new security vulnerabilities for you to negotiate. Businesses need to make sure that both office and home wi-fi networks are safe and secure. If someone hacks into an employee’s remote home wi-fi, they can progress further into your company servers. It will take time, but hackers can do it. Here also awareness is the key and company personnel educated comprehensively on maintaining wi-fi security are the real solution. One best practice is to make it mandatory for remote workers to log in to your servers only through VPN connections.
Be Wary of Clicking on Links
Malicious links and popups are other common ways your business or employee can fall prey to phishing attempts. Phishing leads to significant security lapses like identity theft and sometimes even ransomware. Use special tools to filter out such emails and use the email service provider’s spam feature to the fullest. Also, make reporting all spam emails part of protocols. Some of them are indeed phishing attempts.
Keep Everything UPdated
Remember the online maxim that the security of any software tool is only as good as its latest update. Please make it a point to keep all software updated when your firm or the software provider makes them available.
Updates take care of vital security issues besides adding features. Almost all code contains flaws, and hackers are quick to jump on them. In this, updates are an indispensable ally in your war on cyber-crime.
International governments report that about four-fifths of hacks are made possible due to outdated software.
Know What’s Important To You and Your Business
You need to figure out how a hacker can gain the most by infiltrating your IT infrastructure and business data. Accordingly, place additional security measures to protect such data. Discretion in data access is an excellent virtue in cybersecurity, primarily due to the significant threat posed by insiders, as discussed earlier. In addition, it makes tracking and monitoring easier. And do monitor and record all suspicious and unauthorized logins and store the relevant data.
Bottom line, better safe than sorry. The more robust and more comprehensive your cybersecurity, the lesser the chance of a breach or leak or ransomware attack.
Article by Bizemag Reporter
Image Courtsey: Free Resources