A horror-stricken world continues to watch closely. Since Russia invaded Ukraine, more than 1 million refugees have fled the country, the State Department reissued advisory urging Americans to leave Russia “immediately” and the price of oil surged.
Simultaneously, there has been an alarming rise of concern amid business cybersecurity.
So much so that in fact, one week before Russia invaded Ukraine, the Cybersecurity and Infrastructure Agency (CISA) issued a rare cyber “Shields Up” warning. While the CISA stated that there are no specific cyber threats to the U.S. at this moment, it goes on to say, “Every organization – large and small – must be prepared to respond to disruptive cyber activity”.
Cyber Security Threats
Because we are focused on providing our clients with strategies intended towards “business continuity” our MCDA CCG team have not shied away from expressing that cyber threat is very real – especially when you have so much at stake. The “Shields Up” warning is directed towards the U.S. private sector, and the deployment is based on Russia’s denial of service attacks on Ukraine by its military., But even with all of this going on, small business owners still question if the
While your small business may not be directly threatened or affected, the public and private organizations you rely on to remain operational might. Think about it, if these organizations are attacked and/ or indirectly compromised, your business will consequently suffer. Beyond Russia, there are cyber-criminal organizations that have expressed their complete support of the Russian government.
These particular cyber criminals play roles in the major hacks and ransomware attacks around the world. Therefore, it is not only Russia and its allies that pose a threat to the digital landscape we live and work in.
Yes, it’s imperative that you protect your small business every hour of every day with no days off.
No, the Russian invasion shouldn’t be the only reason that you begin to implement and follow strict cybersecurity protocols.
In fact, if you are just now assessing your position in the cyber world, you may be too late, as strong cyber defense is a long-term game requiring sufficient investment, rather than just an “add-on”. This rule applied to everyone: individuals, freelancers, small businesses and large organizations.
You can implement thousands of mitigations in an effort to protect your business, but none of it will matter if you don’t also include very strict cybersecurity governance that holds everyone in your business accountable.
So always make sure to have the proper policies, procedures and training to protect everything you have worked so hard to build.
Below are the FBI’s recommendations for preventing ransomware:
- Regularly back up data, air gap and password protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
- Implement network segmentation
- Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate and secure location.
- Install updates/patch operating systems, software and firmware as soon as they are available
- Make use of multi factor authentication where possible
- Utilize strong passwords and regularly change them to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts.
- Disable unused remote access/RDP ports and monitor remote access/RDP logs
- Require administrator credentials to install software.
- Audit user accounts with administrative privileges and configure access control with least privilege in mind.
- Install and regularly upgrade anti-virus software and anti-malware software on all hosts
- Only use secure networks and avoid using public Wi-Fi networks (consider using a VPN)
- Consider adding an email banner to messages coming from outside your company
- Disable hyperlinks in received emails
- Focus on cyber security awareness and providing users with regular training on information security principles and techniques in addition to overall cyber security risks and vulnerabilities
Below are recommendations from the CISA
- Deploy application control software to limit the applications and executable code that users can run. Email attachments and files downloaded via links in emails often contain executable code.
Identity and Access Management
- Use multi factor authentication where possible
- Limit use of administrator privileges, as users who browse the internet, use email and execute code make excellent targets because their system -once infected- allows attackers to move actress the network, gain additional accesses, and access highly sensitive information
- Enable antivirus and antimalware software and update signature definitions in a timely manner
- Well-maintained antivirus software may prevent the use of commonly deployed attacker tools that are delivered via spear phishing
- Be suspicious of uncultivated contact via email or social media from any individuals you don’t know personally. Never click on hyperlinks or open attachments.
- Consider adding an email banner to emails received from outside your organization and disabling hyperlinks in received messages.
- Train users through awareness and simulations to recognize and report phishing and social engineering attempts. Identify and suspend access of user accounts exhibiting unusual activity.
- Adopt threat reputation services at the network device, operating system, application and email service levels. Reputation services at the network device, operating system, application and email service levels. Reputation services can be used to detect or prevent low reputation email addresses fuels, URLs, and IP addresses uses in spear phishing attacks
Vulnerability and Configuration Management
- Install updates/patch operating systems, software, and firmware as soon as updates/patches are available. Prioritize patching known exploited vulnerabilities.
Hire an Expert
It’s not enough to read a post like this and jot a bullet point down on your exhaustive to-do list. It should be your top priority.
No matter the size of your business – large, small, one-man band – you can ensure a strong cybersecurity position when you engage the services of a cybersecurity expert.
Here’s why: when you enlist the help of a cyber-security professional, you gain all-around access to the top resources and training your organization needs. A cybersecurity expert can conduct a vulnerability assessment, train your staff and clients, evaluate your vendors and advise on encryption tools, insurance, document storage, network monitoring and so much more.
Don’t wait for a threat or attack to trigger your response, effective preparation is key in this situation. Call our MCDA CCG office – headquartered in Placentia, Orange County, California, to speak with one of our experts to find out how we can effectively meet your cybersecurity needs while saving you the substantial costs associated with conventional methods.
The call is free, contact us today.
More resources like this: