Finally, your much-deserved summer vacation is about to commence. You and your colleagues prepared your office for downtime, managed last-minute tasks and set up your automatic reply. So, what’s missing?
Cyber threats on the way while you’re away
Although you may be on vacation, many cybercriminals are unlikely to take summer breaks. Why should they? Summer is a busy season for cybercrime, and here’s why: Most organizations tend to let their guard down during the vacation season. The temptation to lower the pitchforks, unplug and get off the grid leaves organizations and their networks vulnerable to attackers. But no organization, regardless of industry, location or size, is safe, and as cyber-attacks become increasingly sophisticated, summer crimes are getting worse.
Are we doomed to repeat our mistakes this summer?
Albert Einstein once said, “The definition of insanity is doing the same thing over and over again but expecting different results.”
Unfortunately, it’s indicative of a worldwide approach to cybersecurity.
Improving IT hygiene is one of the most effective steps that can be taken against cyber-attacks, yet organizations are renowned for being less consistent, particularly during the summer months.
Hackers capitalize on human errors such as misconfigurations, shadow IT and faulty security practices, taking advantage of poor IT hygiene. They use attack techniques and methods that circumvent all cyber defenses, often by employing legitimate tools. It therefore serves organizations well to readdress IT hygiene this summer and step up network protection.
The best way to do so and prevent a cyber-attack is to identify in advance the attack vectors hackers will use to compromise an organization’s critical assets. Even when an organization has deployed and configured modern security controls, applied patches and refined policies, there are still many ways hackers can infiltrate the system and compromise critical assets, mainly by leveraging poor IT hygiene. The most critical blind spots can be exposed by continuously simulating advanced offensive methods used in APT attacks.
5 steps to stay ahead of the hacker this summer
1. Tighten up your organization’s remote desktop network security
Although vacation time is supposed to be the ultimate disconnect, in today’s reality, many senior executives can ill-afford to completely get off the grid. To keep up-to-date, some will check in to emails and internal applications remotely during their vacation through Remote Desktop systems (RDP). Unfortunately, remote access also increases the likelihood of being hacked. Attackers are quick to leverage remote endpoints to access data, take control of networks, hijack login credentials and commit cybercrimes.
Today attackers have access to a wide range of tools that continuously search for remote access points through services such as Censys.io and Shodan.io, which can be used to map out potentially vulnerable endpoints online.
RDP credentials are considered a commodity, as cyber criminals routinely buy and sell them in criminal marketplaces such as xDedic. As soon as an organization is targeted, it is relatively easy to bypass user login and password protection.
It could pay to step up protection through additional sources of authentication. Further steps worth considering:
- Avoiding the temptation to connect via unprotected WiFi hotspots
- Browsing through sensitive data over a VPN on trusted hardware
- Protecting devices using full disk encryption
2. Before the break, back it up!
An organization’s data is one of its most valuable assets. Loss of prioritized data stored inside an organization’s critical infrastructures is a bitter pill to swallow. To make matters worse, the speed of an average breach and the difficulty in detecting it in time is distressing. According to a Verizon report, 93% of successful data breaches occur in less than a minute yet 80% of organizations take weeks to realize whether a breach occurred.
One of the most important steps in creating an effective plan is to figure out how often data, particularly the ‘crown jewels’, needs to be backed up. Large enterprises dealing with multiple data transactions, such as financial organizations, need to back up more frequently, sometimes several times a day. The good news is that, as opposed to a few short years ago, there are more user-friendly backup options. Some software solutions on the market automatically back up data at selected intervals, to make the process easier to manage. The standard backup best practice is known as the 3-2-1 rule:
- Creating at least three copies of the data
- In two different storage formats
- With at least one copy located offsite
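One way to audit a backup inventory against the 3-2-1 rule and a per-dataset backup interval before the break. This is an added example, not part of the original article; the `Copy` record, the dataset names, the interval values and the sample inventory are constructed, and it assumes the inventory lists every copy of the data, production copy included.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Copy:
    dataset: str      # what is being protected
    media: str        # storage format, e.g. "disk", "tape", "object-storage"
    offsite: bool     # True if stored away from the primary site
    taken: datetime   # when this copy was last refreshed

def check_321(copies, max_age, now):
    """Return {dataset: [violations]}; an empty list means the dataset passes."""
    by_dataset = {}
    for c in copies:
        by_dataset.setdefault(c.dataset, []).append(c)
    report = {}
    for name, items in by_dataset.items():
        # Only copies refreshed within the dataset's backup interval count;
        # a stale offsite copy does not satisfy the rule.
        limit = max_age.get(name, timedelta(days=1))
        fresh = [c for c in items if now - c.taken <= limit]
        problems = []
        if len(fresh) < 3:
            problems.append(f"only {len(fresh)} fresh copies, need 3")
        if len({c.media for c in fresh}) < 2:
            problems.append("fewer than 2 storage formats")
        if not any(c.offsite for c in fresh):
            problems.append("no offsite copy")
        report[name] = problems
    return report

# Constructed sample inventory (hypothetical datasets and timestamps).
NOW = datetime(2024, 7, 1, 8, 0)
INVENTORY = [
    Copy("ledger", "disk", False, NOW - timedelta(hours=2)),
    Copy("ledger", "disk", False, NOW - timedelta(hours=3)),
    Copy("ledger", "object-storage", True, NOW - timedelta(hours=30)),
    Copy("hr-files", "disk", False, NOW - timedelta(hours=20)),
    Copy("hr-files", "tape", True, NOW - timedelta(hours=22)),
    Copy("hr-files", "object-storage", True, NOW - timedelta(hours=23)),
]
# Frequently changing data gets a shorter allowed age than rarely changing data.
MAX_AGE = {"ledger": timedelta(hours=6), "hr-files": timedelta(days=1)}

if __name__ == "__main__":
    for dataset, problems in check_321(INVENTORY, MAX_AGE, NOW).items():
        print(dataset, "OK" if not problems else "; ".join(problems))
```

The ledger dataset fails all three checks because its only offsite copy is older than its six-hour interval, which is the kind of gap that goes unnoticed when backups are counted but not dated.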
3. Policies in the face of an expanding attack surface
Organizations need prioritized policies and processes to manage physical, technical, and administrative controls of any device within an attack surface. Today, traditional networks, servers and endpoints are no longer standalone islands. Due to an expanding yet connected attack surface, IT policies and processes must consider everything Internet and IoT. After all, a router, or even a fish tank thermometer, could turn into a doorway to an organization’s network. So prior to the big summer break, it’s worth assessing and testing the effectiveness of devices’ security controls, fixing them where needed, and setting up ongoing monitoring and preventive measures for any imminent threat.
4. Overcoming weak password security
It’s no secret that the greatest security threat is not a sophisticated hacker or a botnet; rather, it is human error, and one of the most worrying misdemeanors is poor password handling.
A recent survey conducted by Ovum and LastPass revealed that 76 percent of employees experience problems using or managing passwords and nearly a third needed helpdesk support at least once a month. Despite these alarming figures, 62% of IT executives rely exclusively on employee education. The figures raise serious visibility and control issues as employees are essentially on their own.
The human behavior factor is leaving companies unnecessarily at risk from weak or shared passwords. Organizations need to focus on solving these issues to significantly improve their overall security. Solutions worth considering before the grand vacation include multi-factor authentication and password management apps that offer the opportunity to use non-guessable passwords. Multi-factor authentication isn’t supported widely but in time it could prove to be one of the more productive ways of protecting networks.
5. Security automation followed by actionable remediation
Although organizations are increasingly aware of the need to educate staff and make sure employees practice the basics of attack prevention, human error is inevitable. Modern workforce realities such as staff changes during holiday periods, extra-long hours, high turnover, or a shift-based workforce can accelerate erroneous events such as misconfigurations and other security vulnerabilities. Automated 24/7 cyber simulation test platforms with immediate actionable remediation, working in a continuous loop, could keep organizations constantly one step ahead of the hacker.