Talk about your contradiction of contradictions! Is the internet the greatest invention to emerge over the last ten or twenty years…or the worst? I guess, depending on the context, it is both. But lately, there have been some troubling cyberattack developments coming out of the hacker world that have raised the associated risks to a scary level.
I found some useful commonsense tactics you can employ to help protect yourself from a damaging cyberattack. No one can give you a 100% guarantee that they have a foolproof system that is undefeatable. But, as one security expert once told me about home security, you can only hope to fortify your defenses such that the hackers choose to move on to an easier target.
See how to level up your cyberattack protection…
Hacking has been around almost as long as the internet, which found its roots in a U.S. Department of Defense project back in the 1960s. In the early days, hacking could be destructive, although the hacking “ethic” was often really more of an annoying “I was here” kind of message to prove your systems could be penetrated.
However, over time, hacking began to take on a more sinister purpose. When foreign nation states such as Russia, China, North Korea and more got involved, hacking became downright dangerous.
SolarWinds Sent a Chill Around the Country
What moved it to the front of my radar, however, happened late last year – the SolarWinds hacking disaster. The company SolarWinds, Inc. offers an intermediary monitoring software called Orion that many large companies and organizations use on their servers and systems. Last year, one or more individuals belonging to a group identified by Microsoft as the Russian hacker group Nobelium penetrated this middleware by inserting a Trojan Horse into a common update file. So when SolarWinds' various customers ran what they thought was a “routine” software update, they were in fact opening their systems up to these hackers. The U.S. government says that Nobelium is connected to Russia’s FSB intelligence agency. However, Russia denies any connection to any hacker group.
What made this whole situation so dangerous is that, while about 100 companies had their systems compromised, many were huge companies, such as Microsoft, VMware, Nvidia, Cisco, Equifax, and more. Even worse than that, about 9 government agencies also had their systems compromised. Agencies such as the Department of Defense, Department of Commerce, Department of Homeland Security, Department of Justice, Department of the Treasury, and more have confirmed they were hacked.
Took Months to Detect
Making matters even worse, these systems were compromised for around eight or nine months before the hack was discovered. The collective damage from this breach in cybersecurity is inestimable.
Then last month, the largest oil pipeline on the east coast, Colonial Pipeline, which supplies nearly half of all the gasoline, diesel, heating oil, jet fuel, and military fuel up and down the eastern half of the United States, was shut down by a ransomware attack. This time, a different group based in Russia, called DarkSide, was said to be behind the attack. Ransomware is an attack where hackers gain access to a company’s systems and encrypt its data, which can then only be accessed by entering a passcode.
A $5 Million Password
The hackers then offer to sell the passcode to the company for a fee based on the size of the company. Colonial Pipeline says that they paid nearly $5 million for the passcode.
Ransomware attacks are becoming increasingly commonplace, as hackers get more adept at pulling off their heists. Also, their tools are continually improving, which makes their attack process more efficient.
Attacks are Occurring at an Increasing Pace at Companies Large and Small
This week, we learned that JBS, one of the world’s largest meat processing companies, was also hit with a ransomware attack, although this one seems to have had a more limited impact, as their systems began coming back up online within a day or so. Basically, hackers have turned ransomware attacks into an ongoing business, and news of new attacks now arrives regularly.
And these attacks occur in companies large and small. Don’t think you are too small to escape attention. I am aware of multiple companies in our industry that have been victims of a ransomware attack.
So what can you do to protect yourself?
Recently, technology editors writing in Bloomberg Business’ Fully Charged newsletter offered some commonsense advice on ways you can up your game in protecting your systems. And although they don’t guarantee these steps will absolutely prevent you from being victimized by a ransomware attack, they may be able to help convince the hackers to move on to easier targets.
Steps to Take to Level Up Your Cyberattack Defenses
While there is no surefire system, one step experts suggest, according to the Bloomberg article, is to move your organization to a cloud-based email system.
- Cloud-Based Email Systems – Compared to captive in-house server-based systems, cloud-based solutions are generally more professionally maintained, with – for example – security patches immediately applied the moment they become available.
- Training – Train your employees (and, for integrators, perhaps their clients) on how to avoid phishing scams. Many compromises begin with a phishing scam – an innocent-looking email that tricks you into revealing login credentials – and they are becoming much more common. I can say I receive phishing scams every day.
- Engage Multi-Factor Authentication – This slight headache, where you additionally have a code sent to your smartphone that you then enter during login, can be yet another stumbling block for hackers.
- Regular data backups with a twist – Of course you know the value of regularly backing up your data. But now experts suggest a twist, that you regularly back up your data with storage not connected to the network.
- Regularly change passwords – Yes, a headache, but it could save you a much bigger and more costly one. Experts say you need to issue a mandate that your employees must regularly change their passwords to head off brute force attacks on a static password.
- Keep security systems updated – Make sure that you make it a priority to keep your security systems updated with all patches applied just as soon as they are available.
- Planning and drills – Cybersecurity experts say that when you are attacked (yes, I said: “when”), time is of the essence. You can dramatically reduce the damage done if an in-house or outside security team can intervene during the attack. Remember those fire drills you practiced over and over again when you were a little tyke in grade school? Well, experts say you should start preparing now by engaging in “game planning” and practice drills – to build the organizational muscle memory of your team such that they quickly react and intervene during the attack.
As Bloomberg’s Tae Kim writes, given the recent spate of high-profile cyberattacks, there is “…no excuse not to take precautions” by any company. In fact, I agree with Kim that “cyber defenses should be at the top of a company’s list of priorities.”
See more on technology at Bloomberg: bloomberg.com/technology.