Since the beginning of the pandemic, the US Federal Bureau of Investigation (FBI) has reported a 400% increase in cyber-attacks. What’s more, as of July 31 2021, the FBI has reported a 62% increase in reported ransomware incidents since the beginning of the year as compared to 2020. That’s only data on what’s actually reported. There are a lot of attacks that go unreported each year, making these percentages even higher.
At GroupSense, we respond to many ransomware attacks (and other cyber-threats) and have taken inventory of how threat actors gain access to each of our victim clients. The attacks can be distilled down to a list of basic cyber-hygiene items. I’ve narrowed down this list to the top five items companies should address to avoid getting hit by a cyber-attack. While these items may be considered “cybersecurity 101,” you’d be surprised how many organizations don’t have these measures in place. For those companies that don’t have a sense of urgency or think “we won’t be next,” these areas need to be addressed, and now.
Here are the top 5 cybersecurity tools companies need to make sure are implemented:
-
Two-Factor Authentication (2FA) Or Multi-Factor Authentication (MFA)
Companies must ensure that either 2FA or MFA capabilities are used on everything in the business. That means network and remote access and email, web-based applications and more. Make sure you opt for solutions that offer these capabilities via SMS and through a hardware token or mobile app. Remember that the Colonial Pipeline hack occurred because a ransomware group accessed an inactive account that didn’t have multi-factor authentication enabled.
-
Email Policy
Companies need to implement a strong email policy regarding corporate email for personal reasons. This starts by restricting access to personal email on all company technology, whether it is a laptop or a mobile phone. By doing this, companies will significantly lower their risk for phishing attacks.
-
Anti-Phishing
Regarding phishing attacks, companies need to leverage cloud-based anti-phishing tools to further protect employees from falling for phishing attacks. In addition, training employees on the types of emails to avoid is so important to help bolster this strategy. Encourage employees to forward any suspicious emails to IT to be vetted before clicking on any links that could potentially lead to an attack.
-
Password Policy
Every organization should publish and maintain a password policy for their employees that outlines the importance of password security and credential use. Re-used or similar passwords used for both business and non-business sites are a common point of entry for threat actors. I highly recommend every company use a credential monitoring service (also known as account takeover protection (ATO)) to ensure that employees adhere to the password policy. When credential reuse occurs, this service will notify employees of the policy violation and reset their passwords to avoid opening the door for a threat actor to gain access.
-
Virtual Private Network (VPN)
One of the significant factors driving cyber-attacks over the last 18 months is how the pandemic forced many employees to work remotely. Companies scrambled to get their operations in the cloud without putting in place the necessary measures to secure remote access and remote workers. Companies must use VPN or another zero trust access method to ensure the security of remotely accessing their networks. On top of that, always use 2FA and MFA to safeguard those networks further. To lower your risk, I’d also suggest avoiding remote desktop protocol or direct-to-machine access.
As the pandemic continues to rage on and cyber-attacks continue to rise, companies must re-evaluate their cybersecurity strategies and address basic hygiene items like those I highlighted. Much of the discussion in the industry has been about how to shut down ransomware groups and other threat actors responsible for their actions, but we should flip that outlook. What can companies do to control the situation? The answer is, lower their risk of being attacked, and that starts with ensuring proper security measures are put in place.