Almost daily, we hear about another cybersecurity incident grabbing a headline. A client calls you with a tale of funds transferred to a fraudulent third party. A friend of a friend suffered a ransomware attack and had to figure out what bitcoin is.
Unfortunately, this problem isn’t going away. The financial upside, the low barrier to entry for both tools and knowledge, and a target-rich environment make cybercrime an appealing career.
So, what can we do?
The short answer: Protect ourselves before the threat turns into an incident.
In reading the latest Data Breach Investigations Report from Verizon, I didn’t exactly jump up and pump my fist that the good guys were finally winning. We aren’t. We are getting better and more secure, but so are the threat actors. Practicing the basics of good cybersecurity hygiene will offer you a reasonable level of protection. Some great starting points are included below.
Require Multifactor Authentication
Require MFA on all applications (web apps, phone apps, internal apps, etc.), remote connections, email, banking websites and third-party storage sites.
Protects Against: Stolen or compromised credentials and weak password controls.
Leverage Password Vaults
These “vaults” allow you to use very complex passwords that you aren’t required to remember each time you log in. They also eliminate the need for shared passwords (or passwords written on a sticky note under your keyboard).
Protects Against: Weak, shared or similar passwords.
Have an Offsite Backup
Ransomware attacks are devastating because they encrypt all your data until you pay the ransom. As a bonus, the ransomware generally deletes or encrypts all your backups as well.
Having segregated, offsite backups can allow for a quick recovery, as the backups are separated (and safe) from the infected primary network. You can keep offsite backups with a cloud provider, but the best solutions are those with backups not connected to the internet full-time (i.e., air-gapped).
Protects Against: Negative impacts from ransomware and other cyber incidents.
Rename Default Credentials and Passwords
Almost all hardware (firewalls, wireless routers, etc.) and software (applications, operating systems and databases) come with system accounts with full administrative-level access and a default password. Service providers publish that default admin account name and password on the internet.
- Rename all default administrator account names (if possible).
- Change the passwords of all system accounts to complex passphrases and rotate them periodically.
- Require MFA wherever offered.
Protects Against: Hacking and other unauthorized access to your devices.
Define Your Patching Process
Define a cadence for patch application for your operating systems, hardware devices and user endpoints (laptops and desktops).
Protects Against: Known exploits, hacking and other unauthorized access.
Enhance Your Remote Desktop Software Security
There are many pages on “how to hack remote desktop environments” available on the internet. These breaches usually go unnoticed for a long time and provide an easily accessible door into the depths of a company’s network.
- Ensure your IT team patches all remote desktop software regularly.
- Enable encryption or require a VPN to connect.
- Require MFA to connect.
- Ensure user accounts are locked after five incorrect password attempts.
- Create two user accounts for IT admins: their “normal” user accounts for day-to-day activities, and “admin” accounts only used for administrative functions when needed. Both accounts should have MFA enabled.
Protects Against: Known exploits, hacking, advanced persistent threats and other unauthorized access.
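One way to check that the five-attempt lockout in the list above is actually enforced, shown as an added example that is not part of the original article. The event names (FAIL, SUCCESS, LOCKED, UNLOCKED), the account names and the sample events are constructed assumptions; map them to whatever your remote desktop or directory logs record.

```python
from collections import defaultdict

LOCKOUT_THRESHOLD = 5  # the article's rule: lock after five incorrect attempts

# Constructed sample events in time order: (account, result). Not real logs.
SAMPLE_EVENTS = (
    [("alice", "FAIL")] * 3 + [("alice", "SUCCESS")]        # normal typo streak
    + [("bob", "FAIL")] * 5 + [("bob", "LOCKED")]           # lockout fired on time
    + [("bob", "FAIL")] * 2                                 # rejected while locked
    + [("svc_rdp", "FAIL")] * 7 + [("svc_rdp", "SUCCESS")]  # lockout never fired
)

def audit_lockout(events, threshold=LOCKOUT_THRESHOLD):
    """Return {account: [findings]} where logs show lockout was not enforced."""
    streak = defaultdict(int)   # consecutive failed logons per account
    locked = set()              # accounts currently locked out
    findings = defaultdict(list)
    for seq, (user, result) in enumerate(events, start=1):
        if result == "LOCKED":
            locked.add(user)
        elif result == "UNLOCKED":
            locked.discard(user)
            streak[user] = 0
        elif result == "FAIL":
            streak[user] += 1
            # Failures beyond the threshold on an unlocked account mean the
            # policy is missing or not applied to this account.
            if streak[user] > threshold and user not in locked:
                findings[user].append(
                    f"event {seq}: failure #{streak[user]} with no lockout")
        elif result == "SUCCESS":
            if user in locked:
                findings[user].append(f"event {seq}: logon while locked")
            elif streak[user] >= threshold:
                findings[user].append(
                    f"event {seq}: logon after {streak[user]} failures")
            streak[user] = 0
    return dict(findings)

if __name__ == "__main__":
    for account, issues in audit_lockout(SAMPLE_EVENTS).items():
        for issue in issues:
            print(f"{account}: {issue}")
```

Service accounts are often exempted from lockout policy, so a finding on one is worth reviewing against the MFA and separate-admin-account items in the same list.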
Secure Your Wire and ACH Processes
Each day, funds are wired to unauthorized (e.g., incorrect) persons. There are a lot of sophisticated attacks that will allow someone to get inside your external wire and ACH processes.
- Define policies and procedures around payments and specific verification steps.
- Require separate requestors and approvers within all bank websites (ACH and wire).
- Provide a means of escalating “unusual” or “urgent” requests for review.
- Require MFA on all banking websites or consider changing banks if this isn’t available.
Protects Against: Loss of funds.
Implementing the strategies identified here will help protect you before the threat becomes real. If you have any questions on how to protect yourself or your company from cybersecurity threats, the Moore Colson Cybersecurity Practice Area can help. Contact us for more information.