Ransomware Attacks: Holiday Edition

Ransomware Attacks: Holiday Edition

The holiday season is here and many of us are looking forward to some time off to spend with our families. But hackers don’t take time off during the holidays. In fact, you’re more likely to be phished or hacked during a major holiday (remember the Kaseya attack that took place over July 4?). Here are some things you can do to minimize your risk of a breach or attack.

  • Identify key Incident Response staff and have them on-call. Incidents most likely occur after hours when you’re sound asleep. It’s important to have staff who are on-call and able to detect and respond to any adversaries attempting to infiltrate your environment. Utilizing a SIEM SOC solution is effective as they are available to provide 24/7 incident response at a fraction of the cost of hiring an entire team yourself.
  • Implement Multi-Factor Authentication (MFA). MFA is an authentication method requiring more than one way to confirm a user’s identity before logging in. MFA is one of the easiest ways to make it more difficult for hackers and adversaries to gain control of your users’ credentials. You should enable MFA so that if an adversary were to obtain a user’s password, they would need the additional authentication method to gain access. MFA can be deployed across several applications.
  • Review access to Administrator accounts privileges. When was the last time you reviewed your account privileges? Not everyone needs to have Admin access. Ensure that only those who truly need Admin access have it and those who are no longer with your organization are removed from all access when they offboard.
  • Use strong passwords. Creating and utilizing strong passwords is another basic principle to utilize in your layered defense strategy. Passwords should be at least 16 characters long and should be a combination of numbers, letters, and special characters. Avoid using personal details in your passwords. Consider using a password vault application like Bitwarden or LastPass to house your passwords and generate secure passwords periodically.
  • Block and/or restrict Remote Desktop Protocol. Remote Desktop Protocol (RDP) allows you to connect to a device on your network from another device. While it may seem like a good idea in theory, if an adversary has access to your network and RDP is enabled, you’ve now given them access to any device in your network.
  • Look before you click. Before you click the link in that Black Friday email, consider the source of the email. Is the email address of the sender a valid one? If you hover over the link is it sending you to a valid website? If the email seems “phishy,” don’t click the link. It could be an attempt to cipher your credentials or personal information.
  • Test your backups. Having a good backup is critical should you be the victim of an attack or breach. After you have determined what data you need to back up and how often you should back it up, you’ll want to test your backup. There’s nothing worse than determining you don’t have a good backup when you need it most.
  • Remind employees about their obligations to be secure. Creating a culture of security takes a village. Your users are your biggest threat, but they can also be your biggest ally too. Conduct annual security training with your users and encourage them to follow the policies and protocols in place to keep your environment and your data secure. When everyone is invested in security, it lowers your risk considerably.

Tego is here to help you create a strong, layered defense no matter what time of year it is. Contact us today to learn more.

About the author
Jennifer Vosburgh is a seasoned Marketing and Communications professional. With over 15 years of experience, she has a strong background in Marketing, Communications, and Event Management. As Vice President of Tego Data Systems in Raleigh, NC, Jennifer is responsible for delivering full-scale Marketing Campaigns across all platforms including website, email, social media, events, and more.

By using this website you agree to our updated Conditions of Use and consent to the collection and use of your personal information as described in our updated Privacy Notice, which includes the categories of data we collect and information about your preferences and rights.