This Month in Cyber Security: September 2020 (2:25)

by | Sep 29, 2020 | Security

New cyber security threats emerge on a weekly basis but are all of them relevant to your organization? Each month, our security team hosts a 30-minute webinar to discuss the latest threats, breakdown their applicability to small and medium-sized organizations, and cost-effective steps to mitigate risk. Let’s get into this month’s topics!

Ransomware

Throughout the month of September, we saw an increase in the number of ransomware attacks. One major story that reminded everyone of the risk of insider threats happened at a well-known business. An employee at Tesla was bribed $1M to leave a port open for a ransomware attack by a Russian hacker network. This employee later realized this was not such a good idea and reported it to Tesla, Tesla then reported this to the FBI and they were able to catch the hacker. Even though Tesla is a very large and well-known company, it is still important to note this can happen to anyone. If an employee is disgruntled enough, they can leave your network vulnerable to hackers by being lazy, turning off multi-factor authentication, or not closing the ports they open.

Countermeasures

It is important to know that even if there is a breach, it doesn’t have to spell disaster for your company. With proper countermeasures, you can minimize the effects. For example, we recommend using the “Detect, Protect, Respond” mentality. Building a strong Incident Response Plan (IRP) and assigning responsibilities in the event of an attack, can save valuable time and pain in the event of an attack. Remember, it’s not a matter of if, but when, you get attacked. To learn more about how to build or strengthen your IRP, check out our Modernization Checklist.

Authentication

Another major method of attack that skyrocketed this month, was the stealing of Office 365 credentials. The re-use of credentials across services makes it easier for hackers to guess and break into networks. Even though this is a huge issue, there is a simple solution. We recommend turning on Multi-Factor Authentication (MFA), this creates a stronger barrier between your network and the hacker. To learn more about MFA, check out our MFA in Office 365 page.

If you have questions about how you can better protect your network, give us a call at 630.832.0075 or send an email to info@peters.com to get started! Peters & Associates engineers are dedicated to securing your network; with 24/7 monitoring and support, our Managed Services and PULSE Alarm will never leave you guessing.

Check out the slide deck here.

Watch the full recording below: