
Cyber Security
November 11, 2022
Cyber crime is big business. Here’s what the attackers do…
First, they send you a link in an email, or someone clicks on a link on a website, or perhaps there is a hole in your security that they exploit.
A payload is delivered which allows them to exfiltrate your data. Basically they copy up to the cloud as much as they can get access to… shared drives, emails, HR or Finance databases… anything they can get their hands on quickly.
Then they will run a script which will encrypt all of your files, basically putting a password on every single one of your files.
A file will appear with a ransom demand, asking you to contact them to discuss your options.
They now start reviewing your data to see what loot they have got. Financial information, PII, commercially sensitive information?
Put yourself in this situation: what data could they have taken from your computer or network? How will you recover your files and/or computers without having to pay for the decryption password?
Preventing an attack and minimising your risk in advance is far better than finding yourself in this situation.
Here are our tips…
Things you can do yourself:
- Review the data that you keep in your organisation. If you don’t need it anymore, archive or destroy it.
- Talk to your staff about the risks to data, about regularly changing strong passwords, and about being careful online.
What should you talk to your IT team about?
- When were the backups last fully tested? Are they stored offline and safe from an attacker?
- Is the antivirus/anti-malware solution capable of detecting and blocking cryptolocker ransomware? (Many aren’t)
- Is multifactor authentication used on all remote access?
- Are systems reviewed for vulnerabilities, and have patches been deployed recently?
- What legacy systems are still online that could be decommissioned to reduce attack surface?
Due diligence to do:
- Get a third party to review the security and risks to your environment.
- Get proof of working backups and restore capabilities, and understand the real-world recovery times of a full system outage.
- Investigate Cyber Insurance, but know that it’s not a get-out-of-jail-free card.