Tag Archive for: hygiene

5 cyber hygiene strategies to help prevent cyber attacks

/in


The world of cybersecurity is constantly inundated with news on the latest data breaches, cybercriminal attack trends, and security measures. And while that information is critical for adapting to the ever-changing nature of cybercrime, it’s also important to pay attention to foundational measures as well. Basic security hygiene still protects against 98% of attacks.

As companies become increasingly reliant on technology and online systems to conduct their business, meeting the minimum standards for cyber hygiene is essential for protecting against cyber threats, minimizing risk, and ensuring ongoing business viability.

Read on to learn what these standards are and how you can begin implementing them in your organization.

Increase your cyber hygiene in 5 steps

  1. Require phishing-resistant MFA: Enabling multifactor authentication (MFA) can help prevent up to 99.9% of attacks. This is because MFA helps disrupt potential phishing attacks by requiring attacks to crack more than two factors of verification in order to gain access to your system.

However, in order for MFA to be effective, it must be frictionless. Options like device biometrics or FIDO2 compliant factors such as Feitan or Yubico security keys can help increase security without placing an additional burden on employees. Likewise, MFA should be strategically leveraged to help protect sensitive data and critical systems rather than applying it to every single interaction.

Finally, MFA should be easy for end users. Conditional access policies are a great solution here, as they can trigger two-step verification based on risk detections, as well as pass-through authentication and single sign on (SSO). This helps reduce the need for end users to navigate multiple sign-on sequences to access non-critical file shares or calendars on the corporate network as long as their devices are updated. It also eliminates the need for 90-day password resets.

  1. Apply Zero Trust principles: Zero Trust acts as a proactive, integrated approach to security across all layers of the digital estate. Under the Zero Trust model, every transaction is explicitly and continuously verified; least-privilege access is enforced; and intelligence,…

Source…

Ransomware attacks, cyber hygiene tips

/in


AS technology advances, so do the various types of ransomware attacks that organizations must be aware of. In today’s digital age, data is often the most valuable asset of a company, and without proper protection against ransomware, employees and businesses alike are at risk of losing critical information. It is essential to implement a ransomware protection strategy that includes cyber hygiene best practices. In this article, we will discuss the various types of ransomware attacks, who are most at risk, who to contact in case of an attack and tips for preventing a ransomware attack.

Types of attacks

Ransomware attacks come in many forms, but they can be categorized into five primary types: – Crypto ransomware or encryptors. This malware encrypts files and data within a system, making the infected content inaccessible without a decryption key.

– Lockers. They are similar to encryptors, but they lock the user out of their system entirely.

– Scareware. A fake software that claims to have detected a virus or issue and directs the user to pay to resolve it. Some variants will lock the user from other system functionalities, while others will flood the screen with pop-up alerts without causing any damage.

– Doxware/Leakware. This malware threatens to distribute sensitive information or company files online and pressures the user into paying a fee to prevent data from being made public.

– Ransomware-as-a-service (RaaS). This malware is carried out and managed by professional hackers who are paid by an individual for all aspects of the attack, from distribution to payment collection and access restoration.


Most at risk

Ransomware attacks are indiscriminate and can target anyone with an internet connection, whether it is a private individual, a business or any other entity. All individuals need to ensure their systems are adequately protected. If a business is attacked by ransomware and cannot recover, it may put the business and its employees at risk, leading to real-world consequences, such as unemployment and loss of income.

In case of an attack

In case of a ransomware attack, the first step is to notify your…

Source…

Protect Your Ad From Holiday Hackers With Better Password Hygiene

/in


Criminal hackers look eagerly toward the holidays because it’s a time for vacations, general absences, and fewer eyes on the organization’s passwords. There is a 30% increase in the average number of ransomware attacks over the holiday period compared to the monthly average.  Get ahead of hackers’ plans this season and throughout the new year with an updated password hygiene protocol.

8 ways to improve password hygiene now

1.      Reject weak and easily guessed passwords

Criminal hackers guess passwords using employees’ personal data on social media. Hackers notice when Sue, the database admin, shares frequent pics and videos of her favorite nephew, Kevin. They will try likely password variations such as Kev123, Kev456, and Kevin1! to log in to her account.

Employees create passwords using the first words, numbers, and special characters that come to mind. Cybercriminals use dictionary lists, lists of weak, typical, and stolen credentials, and clues from social media to guess their login data. Rules that reject these passwords by default give the organization an edge over hackers.

2.      Require long, more complex passwords

When the organization removes a weak password, it must replace it with a stronger one. The longer the password, the stronger it is, and the more time it takes for criminals to crack it. A 12-character password takes 62 trillion times longer to crack than a six-character password.

Complex passwords are more robust than simple ones. Using a combination of upper- and lower-case letters, numbers, and symbols in random order makes it difficult for hackers to brute force their way into company systems. Password policies mandating long, complex passwords keep hackers off an organization’s systems and networks.

3.     Ban password reuse

It’s easy for employees to remember a single password rather than many passwords. But when they reuse the same password, criminal hackers gain easy access to information in many places with only one credential.

Once hackers confirm a password, they’ll try it everywhere, including the organization’s most sensitive systems. Over 40 million Microsoft users were found to have reused passwords. Ban password reuse…

Source…

Prevent Ransomware with Proper Policy Hygiene

/in


Ransomware attacks typically begin with phishing, credential hacks, or taking advantage of open vulnerabilities. Once the bad actor is in, they rummage around looking for access to their honeypot, a hub of data, to hold hostage. Maintaining good policy hygiene and access control is paramount in preventing and stopping the bad guys before they get to your data.

Remember the Target hack back in 2013? Hackers stole credentials from an HVAC contractor, gained access to the network, pinged around, found the PCI network and injected malware into point of sale devices at every Target in America. Overly permissive access to the network made this possible. Having a clean set of firewall policies and a segmented network would have prevented the bad actor from ever gaining access past what the original victim, the HVAC contractor, required.

DevOps Experience 2022

Access within an organization should be relegated to just what is necessary to meet the needs of the business: nothing more, nothing less. This is good policy hygiene. Unnecessary complexity caused by things like duplicate/redundant and shadow rules, increases the probability of misconfigurations, human error, and risk. Bad actors rely on humans to make these mistakes, creating paths to use as attack vectors, and they are often not disappointed.

Unnecessary complexity is often a byproduct of day-to-day operations. A port is opened for RDP (remote desktop protocol) for troubleshooting, but is never closed. Access is granted for temporary communication between devices, but is left open as meetings and other priorities fill the day. A rule is created for a resource and not removed once it is decommissioned. The scenarios are endless but the results are the same: rules are created, then forgotten, resulting in policy clutter that causes inadvertent access and exposes security gaps for cyber criminals to leverage. When working with thousands of policies among hundreds of devices and platforms, it is nearly impossible to properly manage these policies manually.

FireMon provides a solution to this problem. By centralizing all of your security policy enforcement data into a single pane, a rule repository, FireMon allows you to manage policies across all of…

Source…