Cybersecurity

Three Ways To Survive A Ransomware Attack

By Efrem Gonzales

There’s been a great deal of talk about the recent WannaCrypt/WannaCry ransomware attack. The virus targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin. The result was more than 230,000 computers in more than 150 countries hit, including FedEx, the UK’s National Health Service, Spain’s Telefónica and others.

The biggest issue for those affected was that it all could have been avoided. Microsoft issued a “critical patch” for its newer operating systems nearly two months before to remove the underlying vulnerability. In other words, improper network management was the bigger culprit in this incident.

There are lessons to be learned here. More to the point, here are three ways that companies can ensure a WannaCry-type attack doesn’t wreak havoc on their organization.

Be Diligent In Security Updates

Establish processes to upgrade equipment systematically. This doesn’t mean simply accepting updates or setting your gear to download modifications automatically. Rather, your company should formalize stated policies and procedures that consistently look at updates and their potential impacts, both good and bad, to your network. Prioritize which ones to implement, especially ones deemed “critical.” Set up a “proof of concept,” or test environment, before going live with any updates.

Identify Roles and Responsibilities By Name

Highlight specific individuals by roles, job duties and the equipment they manage. This also helps orchestrate how data will flow through the network. Go a step further by empowering your team to take ownership of particular aspects of the network and incentivize their efforts to keep it operating in a highly efficient and protected environment.

Segment Your IT Network

Should a hacker infiltrate one area, it is far less likely their disruption will spread across your entire landscape. Segmenting the network can also make it easier to maintain your IT infrastructure. You’ll detect abnormalities, such as an unusually high level of activity or traffic at odd hours, faster and create fixes for them in quicker fashion.

As important, though, is how your organization segments its IT assets. Don’t arbitrarily decide what equipment and data are housed in one area versus the other. Keep servers and workstations separate. Doing otherwise defeats the purpose of segmentation: a user who takes a phishing bait will allow the perpetrator to bypass all protective firewalls and access the entire server farm in short order.

While we don’t know when the next attack will come, it is prudent to surmise that one is coming and that organizations that haven’t kept a keen eye on their network vulnerabilities will become victims.

About the Author: Efrem Gonzales is the Founder and CEO of Tec-Refresh, a nationwide provider of IT infrastructure, cyber security, data and networking solutions and support services. He can be reached at efrem.gonzales@tec-refresh.com.

Three “Never Do’s” In Cybersecurity

We recently penned a piece on three things organizations should always do when creating a stable foundation for a secure network. We understand how overwhelming it can get when trying to keep up with all facets of protecting the precious information housed within an IT infrastructure. We wrote that article to provide some perspective on what must occur at all costs.

With that in mind, let us provide you a similar piece on three things NEVER to do when running a network:

Take Security Lightly
Many organizations view the task as overhead, a cost center if you will. There’s a business case to be made for the strategic importance of planning and implementing company-wide security initiatives with the goal of driving behavior throughout the organization.

Instead, view security as a channel for doing business. That means ensuring that an adequate budget and right toolsets exist to help employees stay productive and drive revenue. The lack of appropriate security controls will only increase the risk of downtime — often when it’s least convenient — and kill profits as well as raise liability exposure.

Believe You Are Too “Small” To Be Hacked
We often hear the argument from small to mid-sized organizations that feel hackers will opt to not go after their networks and focus instead on larger firms. The belief is that these criminal elements won’t view the effort as worthwhile.

Nothing could be further from the truth. Hackers will not discriminate based on your size. Organizations are connected to each other in a wide range of forms, so accessing one organization to get to another is commonplace and, if not addressed, easy.

Moreover, deploying a program that infiltrates millions of networks simultaneously takes very little effort for the savvy criminal elements that operate in today’s cyber landscape. In fact, the chances are good that you’ve already been hacked at some point, but don’t even know it.

Be Unclear On Security Roles
It’s one thing to have a plan but quite another to execute. We’ve seen many instances where an organization’s cyber security policies look good on paper but fail in their implementation.

Ensure staff members know their responsibilities for things such as log reviews, security patch management, and the like. Employ third-party services if necessary to keep up to date on these and other issues. What’s more, regularly review these activities against stated business goals, including uptime, data transfer rates and the like. The devil will always be in the details.

Keep in mind that these “never do’s” will assist organizations in balancing the divergent, yet business critical, objectives of keeping productivity AND network security high. They will serve as the key elements to promote operational efficiency and ensure business continuance in the event of a disaster. Over time, your IT costs will not only be as small as possible but will also generate a measurable return on investment as they assist in driving the maximum amount of revenue per employee.

The Right IT Segmentation Can Save Your Network

It’s not uncommon for an organization’s IT network topology to be relatively flat. By this, I mean a company’s data infrastructure has many ways for someone to access it from the outside.

At first glance, it would appear that such configurations would be clean, efficient and easy to manage. The opposite is true. These types of systems are easily infiltrated, hard to maintain and a great risk to business operations.

Hackers will find that there are plenty of opportunities to trick an employee into providing them a conduit to their company’s mission critical data in a flat IT architecture environment. They are sophisticated in their outreach and effective in making the team member believe their request for personal and corporate information is a legitimate one. Before you know it, your network is breached and a large operational, legal and financial headache is on your shoulders.

If the network I described sounds remarkably similar to yours, it might be a good idea to develop a plan to segment duties across multiple networks. Should a hacker infiltrate one area, it is far less likely their disruption will spread across your entire landscape. Believe it or not, segmenting the network can also make it easier to maintain your IT infrastructure. You’ll detect abnormalities, such as an unusually high level of activity or traffic at odd hours, faster and create fixes for them in quicker fashion.

As important, though, is how your organization segments its IT assets. Don’t arbitrarily decide what equipment and data are housed in one area versus the other. Keep servers and workstations separate. Doing otherwise defeats the purpose of segmentation: a user who takes a phishing bait will allow the perpetrator to bypass all protective firewalls and access the entire server farm in short order.

Be sure to also set up processes to upgrade equipment systematically. Don’t “blanket” accept updates or set your gear to download modifications automatically. Formalize stated policies and procedures that look at the updates and their potential impacts to your network. Prioritize which ones are necessary as opposed to “nice to haves.” Set up a “proof of concept,” or test environment, before going live with any updates. It will be important to ensure no downtime occurs when upgrading your network.

Segmenting your IT infrastructure is becoming a more common practice, as it should be. For a network to be as secure as it can be, it’s vital to have the right segmentation scheme. In this day and age where employees have access to critical company data 24/7 and from multiple devices, there is no other recourse. The days of granting access only through a desktop computer during normal working hours are long gone. Businesses fully appreciate that employees, customers, partners and other stakeholders need access to information around the clock and in many different ways. Properly segmenting your network is no longer a “nice to have,” but a “must do.”