In 2020, the SolarWinds attack – resulting from a trojanized “backdoor” inserted into its Orion platform – sent shockwaves across the globe. This sophisticated attack impacted thousands of SolarWinds users, including government agencies and Fortune 500 companies.
SolarWinds was just one of many cyber attacks in 2020. During the year, cybercrime shot up by 600%, largely due to COVID-19. Now, the problem is so widespread that its global cost is over $1 trillion.
With so many threats emerging in the digital economy, your company must shore up its cyber defence strategy. To help you protect your company from security risks and breaches, security analysts and pen testers from Packetlabs have created this resource. Let’s get started.
Ransomware is one of the most expensive forms of cybercrime. Firms are often forced to reset their networks to deal with such intrusions, causing IT downtime and operational disruptions with a substantial financial impact. For instance, in 2019, a ransomware attack on a Norwegian firm affected its operations, ultimately costing a whopping $71 million.
In the world of ransomware, the best defence is always a good offence. This means taking advanced preventative actions to protect your company from security risks such as:
With regular backups, there’s no reason for you to pay a ransom to an attacker because your files are already safe. This minimizes the attack’s impact. Just make sure that you take offline and offsite backups and not just cloud-based backups.
Insecure services like RDP, FTP, Telnet and POP3, tools like PowerShell, and software that runs suspicious scripts increase the size of your attack surface and create more ways for attackers to threaten you. To reduce its size and strengthen your security, leverage the strengths of a penetration testing team like Packetlabs. We can help you understand how attackers could breach your network, so you can take action to constrain risky behaviours.
Educating employees about keeping passwords strong and avoiding weak passwords like “CompanyName1”, “Spring2021” or “Summer2021” can make a world of difference in strengthening your security posture. Creating policies that require complex passwords with a minimum password length, along with mandatory password resets, will also proactively prevent ransomware attacks.
Endpoint detection and response (EDR) solutions can identify infections early and terminate them before they have a chance to cause too much damage.
Use multi-factor authentication on external-facing applications like VPN and email to help protect your company from security risks. Multi-factor authentication verifies the user’s identity and provides an added layer of security on top of typical login credentials.
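The password advice above can be enforced at password-change time rather than left to training alone. The following is an added example, not Packetlabs code: it flags the patterns the article names (organization name plus a digit, season plus year) even when they meet a length rule. The function names and the 12-character minimum are assumptions made for illustration.

```python
import re

MIN_LENGTH = 12  # assumed value; the article asks for a minimum but gives no number
CALENDAR_WORDS = {"spring", "summer", "autumn", "fall", "winter"}
# Common character substitutions, undone before comparing against word lists.
LEET = str.maketrans("0134578@$!", "oleastbasi")


def _stem(text: str) -> str:
    """Lowercase, drop trailing digits/symbols, undo substitutions, keep a-z0-9."""
    base = re.sub(r"[\d\W_]+$", "", text.lower())
    return re.sub(r"[^a-z0-9]", "", base.translate(LEET))


def weak_reasons(password: str, org_names: list[str]) -> list[str]:
    """Return the reasons a candidate password should be rejected (empty = accepted)."""
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too_short")
    stem = _stem(password)
    # "Spring2021" and "Summer2021" reduce to a bare season name.
    if stem in CALENDAR_WORDS:
        reasons.append("calendar_word")
    # "CompanyName1" reduces to the organization's own name.
    for name in org_names:
        token = _stem(name)
        if len(token) >= 4 and token in stem:  # skip very short names to limit false hits
            reasons.append("org_name")
            break
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs; "CompanyName" stands in for the real organization name.
    for candidate in ("CompanyName1", "Spring2021", "C0mp@nyN4me!2021",
                      "correct horse battery staple"):
        print(f"{candidate!r}: {weak_reasons(candidate, ['CompanyName']) or 'accepted'}")
```

Note that “CompanyName1” is exactly 12 characters, so a length rule alone accepts it; only the organization-name check rejects it.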
Unpatched vulnerabilities are a prevalent entry point for cybercriminals. In a 2020 survey, 42% of respondents said that most data breaches in their organizations occurred because patches were not applied for a known vulnerability (or vulnerabilities). Even one unpatched vulnerability can result in costly security exploits, so it’s vital that you apply timely and continuous patches to all vulnerabilities. Try these strategies:
Regularly monitor your assets to get an informed view of operating systems, version types, IP addresses, etc., in your ecosystem, along with their location and “owners.” Also, get insights into your firewalls and antivirus, what they’re protecting and where they’re sitting in your ecosystem. Knowing the “what is” is crucial to take steps towards the “what should be.”
Run your vulnerability management tool, assess the reported vulnerabilities, and understand which assets they affect. To get a more well-rounded picture of your security profile – plus a proper risk assessment and vulnerability prioritization – get experts like Packetlabs to conduct manual pen-testing. Based on the pen testing report, start applying patches to strengthen your cyber defence.
The SolarWinds compromise was a supply chain attack, a kind of compromise that targets the less secure elements in your organization’s supply chain. These include external vendors with access to your systems and data. Open-source software (OSS) is also vulnerable to such attacks. In fact, next-gen cyber attacks actively targeting them have grown by 430%.
Supply chain attacks are particularly dangerous since about 90% of all modern applications contain OSS and third-party APIs. To minimize the risk of supply chain compromises, implement these proven strategies.
Automated application scanning tools can raise early alerts about any communication between enterprise applications and command and control servers. But they can’t match the level of detailed analysis of penetration testing. Only a human ethical hacker from a highly-trained team like Packetlabs can understand your supply chain risks and provide relevant recommendations to minimize them.
Zero trust architecture (ZTA) is rooted in the idea of “never trust, always verify.” To implement this model, you must identify how traffic moves across your enterprise network and create a micro perimeter to secure it. For this, you need deep visibility into your networks and systems, which only manual penetration testing can provide.
The Packetlabs team has analyzed the threats outlined here and has provided you with ways to protect your company from security risks. But these are only a small subset of the vast cybercrime landscape. To stay ahead of these threats and clever cybercriminals, organizations must double down on their cybersecurity efforts. This includes taking proactive action by committing to a pen test program with an industry-certified expert like Packetlabs. To know more about our pen testing services, click here. And if you’re ready for more than a VA scan?® get a free quote here.