In the link below, Hiscox Insurance produced a short video detailing the business impact of a cyber breach. It’s well done and in only 3 minutes, gives quite a visual representation of what a behind the scenes hack might look like.
So, how can your business defend against a real world cyber attack?
Phishing, Distributed Denial of Service and Ransomware are three of the areas they focus on. We wish we could tell you that there is a silver bullet or a magic button that could solve all your concerns, but it just isn’t true, no matter how much marketing budget some companies have! Instead, it takes a healthy dose of education, training, awareness, managed software and consulting services to mitigate your risks.
So, what do you do to protect your people, your company and your prized assets? Below, we’ll run through some actions you can take to reduce your exposure to risk.
The best way to prevent a Phishing Attack? Educate, educate….
Quite bluntly stated, phishing is successful because of poorly trained employees, lack of properly implemented filtering, mismanaged tools and increasingly sophisticated approaches by hackers, just to name a few. Companies and their technology partners have done a good job of protecting the perimeter, so the best way in is through your most susceptible asset, your employees.
It’s not just the entry level staff either that are making the bad decisions. A good spear phishing example is an email made to look like it was sent from the CFO to Sr. Execs within a Fortune 50 company. It contained a link to request the CFO’s last two Super Bowl tickets, for the game just two weeks away. Fortunately, this was an internal test, but results were very successful – many of the Sr. Execs clicked the link.
So, sometimes it’s common sense. Maybe picking up the phone and calling to validate a request or simply emailing the contact back separately and asking if they had sent the email. In many cases, emails contain poor grammar or spelling as they are looking for the most highly susceptible target.
Other times, it’s doing the don’ts – Don’t trust the sender, don’t open an attachment if you aren’t sure, don’t give out personal information and don’t be so quick to reply. Taking a couple of extra steps to validate a request could prevent an attack.
If you aren’t sure, alert the appropriate personnel and or contact your IT Department. Many companies now have a company email (Ex: firstname.lastname@example.org) where you can forward questionable emails to. If it’s a call, ask to call the person back or put them on hold and validate the call internally.
A well designed and managed tool can be a great resource as well to consistently train and educate your staff. Rebyc Security is an authorized reseller of KnowBe4, a security awareness and phishing platform used by thousands of companies. If you are looking for a tool, contact us as we can get better than direct rates. If you want to take it to the next level, a customized phishing attack to truly test your staff, check out our phishing testing options.
Distributed Denial of Service (DDoS) attacks are a real pain – What to do?
Dealing with a DDoS attack can be a major disruption to your business. If you derive most of your revenue via an online presence, even minutes of downtime can have significant a impact on your financials. Rather politically motivated, hacktivism, someone just having a good time at your expense or a malicious competitor, it can be a strain on your resources.
Below are 5 steps to help defend against a DDoS attack:
- Review log management and assure that alerts are both getting to the right staff and getting properly addressed.
- Insure firmware is up to date and consistently review your external firewall and IDS/IPS devices are configured properly.
- Restrict physical and logical access to the firewall and IDS/IPS devices. This includes vendors!
- Make sure your staff understands their role and responsibilities in an attack. Notifying your internet service provider, proper authorities and internal escalation are all key.
- Run through a test scenario with your staff to go over your incident response plan. This includes reviewing and consistently updating documentation, escalation paths, closing gaps, etc.
5 Steps your business can take to defend against Ransomware
According to the Malwarebytes Q3 2018 Cybercrime Tactics and Techniques report, while Ransomware was on the decline through the first two quarters of 2018, it spiked considerably in Q3, with an 88% growth in detections over Q2. For those in the banking markets, the news gets worse, as they further state that banking trojans were the number one detected malware in Q3.
Many protections against Ransomware are not that difficult to implement, but they do require being proactive and consistent monitoring. Where many defenses fail is when focused attention and ongoing maintenance lags. Below are a few of the steps you can take to fight Ransomware:
- Security Awareness Training
- Train, train, train and then train some more. New types of malware strains are consistently coming out and the tools the bad actors have are too. So, test, phish and educate your staff regularly so they are aware of the latest risks and how to address.
- Spam and Web Filtering
- It’s better to error on the side of caution here. It’s important to tune and test your spam filter to identify the latest variants. For web filtering, making sure known bad websites are updated and strict filtering can significantly reduce ransomware risk.
- Principle of Least Privilege
- Administrator privileges should be reserved for Administrators….period. Most employees don’t require admin rights, so reduce your risk and protect your staff from both themselves and adversaries by restricting permissions.
- Application Whitelisting
- This is one of the most effective solutions to combating a ransomware attack. While labor intensive, when combined with Principle of Least Privilege, your exposure to virtually all malicious ransomware files will be blocked. The key is ongoing monitoring and proper implementation.
- Test Your Backups
- We get it, it’s a pain. However, you want to know that these are going to work when you need them. Also, make sure you are doing it often enough to match your risk – how much data can you stand to lose? A day? A month? 6 months? Whatever it is, make sure your backups have been tested accordingly.
For all the above, proactivity, key oversight, proper resource allocation and follow up and follow through are all important factors in a well-conceived mitigation strategy.
Rebyc Security can help you test your defenses and insure you are proactively mitigating your risks. We can customize a program to fit your budget and further advance the security strategy as your program matures. Be it Phishing, DDoS Attacks, or Ransomware, lets talk about how Rebyc Security can help your find your risks before the hackers do.