These five key cyber smart strategies can protect you and your organization.
Lock Down Remote Desktop Protocol In Your Organization
More than 60% of ransomware attacks originate from hackers gaining unauthorized access to a computer via Remote Desktop Protocol (RDP). Using compromised credentials, a hacker can login to a computer within your company’s network using RDP, move within the network undetected, and launch a crippling ransomware attack.
Two-Factor Authentication (2FA)
2FA protects your organization by adding another layer of protection to password-protected remote access to your network. The vast majority of successful attacks are a result of the hacker gaining access to your network using compromised login credentials. In other words, even if the hacker has stolen an employee’s login credentials, 2FA should prevent them from accessing your network.
Offline Segregated Backups
Backup solutions that are connected and mapped on your network are highly vulnerable. A properly segregated backup reduces this risk. So consider backing up to the cloud. Configure any cloud backups to ensure they are isolated from your operating environment. Create internal procedures for maintaining on-site and off-site backups of critical systems and data. Test your backups periodically to ensure they work when needed.
Spam Filtering & Email Configuration
Your email server can automatically filter out suspicious emails. Use email filtering to quarantine suspicious emails and scan documents and files before they are opened. Check your email for suspicious email forwarding and mailbox rules. These rules are a signature that reliably detect whether criminals have infiltrated your email.
Next Generation Anti-Virus: Behavior-Based Protection
Behavior-based security software scans devices for unusual behavior and can decide if the deviation is a threat. These solutions are typically connected to the cloud, so their ability to detect new malware variants is updated in real-time. This is known as Next Generation Anti-Virus, which finds or blocks suspicious activity automatically. Behavior-based endpoint protection guards against new threats and prevents ransomware.
A typical, real-life ransomware attack:*
Your employee receives an email seemingly from Microsoft, warning them that their account may have been compromised, and to login to verify that they are the owner of the account. The user inputs their login and password, and the credentials are stolen by a hacker using this rudimentary but highly successful phishing technique. The criminal notices that your employee’s computer has the Remote Desktop Protocol (RDP) enabled, and logs into the employee’s computer while they work from home, using the stolen credentials. The hacker uses the hijacked computer to find the backup server on the company’s network, and deploys ransom-ware to encrypt the company’s backups, before launching a wide-ranging attack on the rest of the company’s computers and servers. This attack cost the company over $10,000,000 between the 7-figure ransom payment, related expenses and business interruption losses.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
