Monthly Archives: May 2021

Keep Your Network Secure Against Cyber Attack

Late last year, as well as more recently, two major cyber attacks occurred–one at SolarWinds via their software platform in December of 2020, and one at Colonial Pipeline just this month. These attacks are even more serious than one performed by a lone attacker, and signal how vulnerable networks can be. Not only do businesses need to use tools to protect their own computer networks, but to share information with other companies. Read on to learn how your company can protect itself against cyber attacks.

 

Recent Cyber Attacks a Wake-up Call 

 

Last December, IT management company SolarWinds was attacked by hackers who inserted malicious code in what seemed a normal software update. What’s ironic is that the very platform used to monitor threats, was the one targeted. The bad code allowed the perpetrators to hack numerous government agencies and private companies, possibly stealing untold amounts of data. The company’s platform  was used in this sophisticated attack, and the software update was downloaded by some 300,000 users. Through the download, the perpetrator was able to penetrate deep into companies’ and agencies’ networks. More recently, Colonial Pipeline was targeted in a potential attack on electrical supply to the East Coast via the gas pipeline. While investigations are still underway in each incident, foreign state actors are thought to be responsible. Both these attacks show how vulnerable companies can be. Could there have been a way to prevent the attacks, to see them coming? In spite of all the precautions companies take to shield their networks, cyberattacks seem almost inevitable. 

 

Ways to Protect Your Company Against Ransomware

 

Of course, companies should continue doing things like remote network monitoring, maintaining current anti-virus and anti-malware definitions and training their staff to recognize possible attacks. Commonly hackers try to get into a system by phishing–trying to trick the recipient of an email into clicking a link, providing the attacker a way in. Employees need to be trained to recognize a phishing email by telltale signs (spelling errors in the email) and to inform a supervisor about the email. Yet there’s another step to take. This involves people–sharing information with other companies about attacks and threats of attacks. Commonly and unfortunately, there is a stigma to experiencing a cyber attack; a company doesn’t want to be considered weak. But think how much stronger companies could be when they depend on each other to be aware of new threats, and can band together against cyber crime. Along with this practice, a company can continue educating their staff to recognize phishing attacks and to be careful with passwords (making them difficult to guess, and changing them frequently). Every device connected to the network needs to be monitored, and ones suspected of being attacked, quarantined (disconnected) to keep the network secure.

 

Tools and technology like malware protection and network monitoring should always be a part of your cybersecurity plan. People can also play a role, by reporting possible attacks and sharing information. To learn more about refining your strategy for network security, contact us today.

Guarding Against Cyber Threats and Ransomware Attacks

Cyber threats are nothing new. We’ve been hearing of their prevalence and their aggressiveness for a long time. For example, ransomware is an attack designed to block access to your computer unless you pay a sum of money as a ransom. In recent years, ransom payouts have greatly increased. Read on to learn more about current and emerging cyber threats and how to guard your network from them.

 

Cyber Threats to Watch Out For

 

Cybercriminals find various ways to get into company’s computer networks, often by tricking users into giving confidential information. Social engineering schemes, also known as “phishing” attacks, seek to trick users into clicking a link or into believing the email is from their supervisor. Malware and viruses then have a way to enter networks and steal confidential information as well as infect an entire network. Attackers are using some of the very same emerging technologies–artificial intelligence and machine learning, for instance–to find ways into networks and to evade detection when doing so. This can result in costly downtime for the organization, costly ransom requests and more. How, then, can these attacks be prevented?

 

Defending Your Network Against Ransomware Attacks

 

One common attack is ransomware.  Ransomware can get into your system by social engineering (“phishing”), including dangerous attachments. This malware can encrypt or lock your computers, making data and applications inaccessible. To get data and applications back can be costly,  with an average payout of $13,000, according to CompTIA. Having current anti-virus and anti-malware definitions along with operating system patches is just a start. Your company can also do real-time backups to the cloud, so you won’t have to pay the ransom. Finally, you can train your employees to recognize ransomware sources like phishing emails and to report them.  For example, they can be trained to note tip-offs for a phishing attack, like typographical errors. If something happens, they need to know who to inform so that the attack can be mitigated.

 

Cyber threats are always with us. However, there are ways to protect your company from attacks that both steal vital information from, and introduce harmful viruses into, your network. For help in developing a plan, contact us today.