These five key cyber smart strategies can protect you and your organization.
Lock Down Remote Desktop Protocol In Your Organization
More than 60% of ransomware attacks originate from hackers gaining unauthorized access to a computer via Remote Desktop Protocol (RDP). Using compromised credentials, a hacker can login to a computer within your company’s network using RDP, move within the network undetected, and launch a crippling ransomware attack.
Two-Factor Authentication (2FA)
2FA protects your organization by adding another layer of protection to password-protected remote access to your network. The vast majority of successful attacks are a result of the hacker gaining access to your network using compromised login credentials. In other words, even if the hacker has stolen an employee’s login credentials, 2FA should prevent them from accessing your network.
Offline Segregated Backups
Backup solutions that are connected and mapped on your network are highly vulnerable. A properly segregated backup reduces this risk. So consider backing up to the cloud. Configure any cloud backups to ensure they are isolated from your operating environment. Create internal procedures for maintaining on-site and off-site backups of critical systems and data. Test your backups periodically to ensure they work when needed.
Spam Filtering & Email Configuration
Your email server can automatically filter out suspicious emails. Use email filtering to quarantine suspicious emails and scan documents and files before they are opened. Check your email for suspicious email forwarding and mailbox rules. These rules are a signature that reliably detect whether criminals have infiltrated your email.
Next Generation Anti-Virus: Behavior-Based Protection
Behavior-based security software scans devices for unusual behavior and can decide if the deviation is a threat. These solutions are typically connected to the cloud, so their ability to detect new malware variants is updated in real-time. This is known as Next Generation Anti-Virus, which finds or blocks suspicious activity automatically. Behavior-based endpoint protection guards against new threats and prevents ransomware.
A typical, real-life ransomware attack:*
Your employee receives an email seemingly from Microsoft, warning them that their account may have been compromised, and to login to verify that they are the owner of the account. The user inputs their login and password, and the credentials are stolen by a hacker using this rudimentary but highly successful phishing technique. The criminal notices that your employee’s computer has the Remote Desktop Protocol (RDP) enabled, and logs into the employee’s computer while they work from home, using the stolen credentials. The hacker uses the hijacked computer to find the backup server on the company’s network, and deploys ransom-ware to encrypt the company’s backups, before launching a wide-ranging attack on the rest of the company’s computers and servers. This attack cost the company over $10,000,000 between the 7-figure ransom payment, related expenses and business interruption losses.
