Prevent cyber attacks on your business
Ransomware is now considered one of the two biggest cyber threats to our country, according to former Director of the Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs. He recently spoke with the Washington Post about “Securing Cyberspace.”
Cyber thieves use ransomware to extort money from businesses and individuals by gaining access to computer networks and either encrypting the data or locking out legitimate users. Then, they demand payment to restore the files or access.
Krebs said the top two threats of the 2020 election were ransomware attacks on voter registration databases and disinformation campaigns undermining confidence in the electoral process. While he says there were no ransomware attacks on the voting process, recent attacks have proven ransomware is a disruptive threat to critical infrastructure functions such as pipelines and the food supply.
In May, a ransomware attack on Colonial Pipeline took down the nation’s largest fuel pipeline and caused fuel shortages along the East Coast. The demand: $4.4 million.
In June, a ransomware attack took over JBS Foods’ computer networks. It halted the meat processing giant’s operations in the U.S., Canada and Australia. The demand: $11 million.
Krebs says the cybersecurity climate has changed enough over time and the two attacks were the tipping point to get bipartisan support for cybersecurity breach reporting, which he also supports. “We just don’t understand what the denominator is and how many attacks are happening because companies are not informing the federal government,” he said.
The FBI estimates between 25 and 30% of incidents get reported to the agency.
In July, President Biden signed a national security memorandum that calls for tougher action from private companies. That memorandum keeps reporting voluntary. But there’s bipartisan support for The Cyber Incident Notification Act which requires certain businesses to report cyberattacks.
What’s the alternative to reporting? Prevention.
SDN Communications employees are encouraged to evaluate each email in their inbox and use a “Phish Alert” plugin when the content is suspicious. It scans emails for confidence levels of whether it’s a clean email, SPAM or a threat. If it’s malicious, it removes them from all network devices.
The IT team also sends out phishing email tests at least once a month. When employees use the button on those, a popup congratulates them for identifying a simulated phishing email from the IT department. The annual cybersecurity training all SDN employees take helps them identify the red flags in emails that could be malicious and compromise the company’s security.
It’s just one of the many layers SDN’s IT team has in place to protect the company against cyber threats. The IT manager recently shared the tools that make up those layers with employees, which are simplified into four buckets below:
- Educate employees. SDN subscribes to KnowBe4’s training. Its Phish ER tool is what scans emails for threats.
- Secure access to the network and all devices on it. Multi-Factor Authentication and Network Access Control prevent unknown users and devices from accessing the network.
- Segment and monitor the network. Keep bad actors from moving throughout the network and watch for unusual activity. Antivirus endpoint protection and Security Information and Event Management applications can scan files, workstations and servers for malicious signatures and activity.
- Backup data. Consider the 3-2-1 rule: maintain three copies of your data on two different backup sites and one offsite location. Immutable backups can secure data by storing it in a form that can’t be changed.
SDN also hires companies to test the network. The first happened in 2018 and again in 2019. In both cases, our IT team learned where the network would benefit from extra layers of protection, but in a positive setting.
A good, layered cybersecurity strategy addresses the entire network and includes every person in an organization. But as the cyber landscape changes and attacks persist, Krebs says it’s still far too easy for the bad guys to take advantage of vulnerable networks and there’s more to be done. “Spies are going to spy. And so we have to make it harder. We have to detect it. We have to mitigate it as fast as possible.”
You can find a Cybersecurity Resources Road Map and more information for your business on the CISA website at https://us-cert.cisa.gov/resources.
Andrea Leesch is the Digital Marketing Specialist at SDN Communications, a business-to-business broadband internet and managed services provider. Among her digital marketing duties, she maintains the SDN Blog which features articles about technology, cybersecurity, member companies and company culture.