Cyber Defense eMagazine January 2020 Edition

More documents

Recommendations

Info

38 · Password attacks - In this situation, an automated system is used to generate various password combinations in an attempt to try and access a particular network. Consistently changing the users’ passwords, accounts and admin credentials is one way of fighting this crime. The credentials can be changed in period intervals preferable to the business. It's easy enough to do this quarterly or even monthly. · Ransom-ware– This type of attack encrypts a device on a network and locks it down, rendering the device unavailable to the user until there is a payment. Some hackers may remove the encryption and unlock the device after payment. In some extreme cases, the hackers do not remove the encryption, forcing the business to incur more expenses in recovering the device. · Website hijacking – In this scenario, hackers set up a legitimate website to download viruses and malware to any device that accesses the site. Legitimate sites are often not on the blacklist. Therefore, website hijacking can go unnoticed for quite some time, and this makes it a dangerous cyber-attack Ways of Preventing Cyber Attacks for Small Businesses Hackers and other cyber criminals are discovering new ideas every day to access small businesses' computers, networks and information. If you’re in the UK you can benefit from Cyber Essentials. Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. It's hard to prevent cyber-attacks completely, but small business owners should always strive to educate themselves so they don't fall victim to one. Below are some ways of minimizing such attacks: · Use of anti-virus and firewalls. This is one of the most common methods of dealing with malware. However, the anti-virus and firewall should be regularly updated to counteract any viruses, programs, and network or DDoS attacks. Encryption tools should also be used to scan files and links for malware. · Minimize the use of removable media, such as USB drives, on the business’s computers. Additionally, it is advisable to routinely monitor and scan every device connected to your network or computer system. · Make daily back up and duplicates of all files and data. This way, it will be easy to restore your data in the event of a digital attack which compromises the system or network. · Limit the employees' access to files, folders and programs required for critical routine tasks. · Always remind the employees to stay away from unsolicited links and attachments in emails. · Carry out regular vulnerability tests and risk assessments on computer systems and networks. This helps to identify and rectify possible entry points into the net. 38
39 · Provide staff especially those in the IT department, with training on the current online threats and trends in digital attacks. · Using multifactor authentication. This is adds a layer of security, so there are more hurdles for an attacker to bypass before they get access to sensitive information. · Invest in Cybersecurity insurance. Cyber criminals are becoming more and more sophisticated, meaning they can strike even the most security-conscious companies. Most of the insurance policies today will cover the cost of any lost data, as well as partly pay for the process of recovering any lost information. · Protect your hardware that contains essential data such as hard- drives, USB drives, and laptops. Losing such equipment could have severe implications on the security of the company if it landed in criminals’ hands. Conclusion Loss of data has been one of the significant challenges that organizations face and fall victim to. Cyberattacks are on the rise today, with 43% of the attacks targeting small and medium businesses. Cyber criminals are getting wiser and more cunning by the day. They are continually designing new ways of infecting businesses' computers with malware with the aim of stealing sensitive data and disrupting the core activities of an organisation. Business cyber security needs to be a priority, with the whole organisation providing a united front. The options highlighted above can be used to minimize and negate the occurrence of cyber-attacks in small businesses. Regular backups, duplicating files and data, installing updated anti-viruses, and limiting the use of removable media on the business’s computers are some of the best ways to minimize cyberattacks and improve security. Companies must also train all their staff on cyber-security and establish a robust security strategy. About the Author Jonathan Krause, Owner of Forensic Control. He is a leading cyber security and digital forensic specialist based in London, UK. After working as a computer forensic specialist in the Hi-Tech Crime Unit for the Metropolitan Police at New Scotland Yard, Jonathan founded Forensic Control in 2008. Since then, Jonathan and his team have advised on hundreds of data breaches for corporate clients of all sizes. Jonathan can be reached online at jonathan@forensiccontrol.com and at our company website https://www.forensiccontrol.com/ 39
Page 1 and 2: 1 Best Practices for Building A Com
Page 3 and 4: 3 CONTENTS Welcome to This Very Spe
Page 5 and 6: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8: 7 7
Page 9 and 10: 9 9
Page 11 and 12: 11 11
Page 13 and 14: 13 Your website could be vulnerable
Page 15 and 16: 15 15
Page 17 and 18: 17 17
Page 19 and 20: 19 19
Page 21 and 22: 21 A further challenge arises from
Page 23 and 24: 23 About the Author Haythem Hammour
Page 25 and 26: 25 Focus on detection Although prev
Page 27 and 28: 27 What’s the Security Misconfigu
Page 29 and 30: 29 As more and more businesses begi
Page 31 and 32: 31 Industries under threat Accordin
Page 33 and 34: 33 How to Know If Someone Is Watchi
Page 35 and 36: 35 you are running in the backgroun
Page 37: 37 These stats make it clear why sm
Page 41 and 42: 41 The current state of insecurity
Page 43 and 44: 43 3. Support heterogeneous network
Page 45 and 46: 45 • Enables troubleshooting of i
Page 47 and 48: 47 It’s not just medical research
Page 49 and 50: 49 Europe Cybersecurity Market Size
Page 51 and 52: 51 Some of the key vendors in the E
Page 53 and 54: 53 Iot Security and Privacy Securit
Page 55 and 56: 55 information such as DNA informat
Page 57 and 58: 57 Lessons Learned Unlike newer pro
Page 59 and 60: 59 Seven Security Predictions For 2
Page 61 and 62: 61 will target state and local vote
Page 63 and 64: 63 7) Attackers Will Find New Vulne
Page 65 and 66: 65 Certification Programs There are
Page 67 and 68: 67 Fraud: A Look Back At 2019 And W
Page 69 and 70: 69 technologies. They’re also col
Page 71 and 72: 71 • A list of valid credentials
Page 73 and 74: 73 Making the Transition The shift
Page 75 and 76: 75 to get a view on the entire IT e
Page 77 and 78: 77 The Decade Ahead for Cybersecuri
Page 79 and 80: 79 About the Author Matthew Gyde is
Page 81 and 82: 81 datacenters before heading out t
Page 83 and 84: 83 About the Author Paul Martini is
Page 85 and 86: 85 85
Page 87 and 88: 87 87
Page 89 and 90:
89 89
Page 91 and 92:
91 91
Page 93 and 94:
93 93
Page 95 and 96:
95 95
Page 97 and 98:
97 97
Page 99 and 100:
99 99
Page 101 and 102:
101 101
Page 103 and 104:
103 You asked, and it’s finally h
Page 105 and 106:
105 TRILLIONS ARE AT STAKE No 1 INT
Page 107 and 108:
107 107
Page 109 and 110:
109 109
Page 111 and 112:
111 111
show all

Cyber Defense eMagazine January 2020 Edition

Create successful ePaper yourself

Delete template?

Save as template?