In 2020, the SolarWinds attack – resulting from a trojanized “backdoor” inserted into its Orion platform – sent shockwaves across the globe. This sophisticated attack impacted thousands of SolarWinds users, including government agencies and Fortune 500 companies.
SolarWinds was just one of many cyber attacks in 2020. During the year, cybercrime shot up by 600%, largely due to COVID-19. Now, the problem is so widespread that its global cost is over $1 trillion.
With so many threats emerging in the digital economy, your company must shore up its cyber defence strategy. To help you protect your company from security risks and breaches, security analysts and pen testers from Packetlabs have created this resource. Let’s get started.
1. Prevent Ransomware Attacks
Ransomware is one of the most expensive forms of cybercrime. Firms are often forced to reset their networks to deal with such intrusions, causing IT downtime and operational disruptions with a substantial financial impact. For instance, in 2019, a ransomware attack on a Norwegian firm affected its operations, ultimately costing a whopping $71 million.
In the world of ransomware, the best defence is always a good offence. This means taking advanced preventative actions, such as the following, to protect your company from security risks:
Take regular automated backups
With regular backups, there’s no reason for you to pay a ransom to an attacker because your files are already safe. This minimizes the attack’s impact. Just make sure that you take offline and offsite backups and not just cloud-based backups.
Minimize the attack surface
Insecure services like RDP, FTP, Telnet and POP3, tools like PowerShell, and software that runs suspicious scripts increase the size of your attack surface and create more ways for attackers to threaten you. To reduce its size and strengthen your security, leverage the strengths of a penetration testing team like Packetlabs. We can help you understand how attackers could breach your network, so you can take action to constrain risky behaviours.
Educating employees about keeping passwords strong and avoiding weak passwords like “CompanyName1”, “Spring2021” or “Summer2021” can make a world of difference in strengthening your security posture. Creating policies around using complex passwords with a minimum password length and creating mandatory password resets will also proactively prevent ransomware attacks.
Endpoint detection and response (EDR) solutions can identify infections early and terminate them before they have a chance to cause too much damage.
Use multi-factor authentication on external-facing applications like VPN and email to help protect your company from security risks. Multi-factor authentication verifies the user’s identity and provides an added layer of security on top of typical login credentials.
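The password guidance above can be enforced when a password is set, not only taught. The following is an added example, not Packetlabs code: a screening function that rejects the “CompanyName1” and “Spring2021” style of password even when characters are substituted. The function name, the violation labels and the minimum length of 12 are assumptions made for illustration.

```python
import re

SEASONS = {"spring", "summer", "autumn", "fall", "winter"}
# Common character substitutions, undone before comparing against word lists.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})
# A standalone two- or four-digit number, e.g. "21" or "2021".
YEAR = re.compile(r"(?<!\d)(?:\d{2}|\d{4})(?!\d)")


def _squash(text):
    """Lower-case, undo substitutions, keep letters and digits only."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))


def screen_password(password, company_names, min_length=12):
    """Return the list of policy violations; an empty list means accepted.

    min_length=12 is an assumed value; the article names no number.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too_short")
    # Split "Spring2021!" into a word stem and a digit/symbol suffix.
    stem, suffix = re.fullmatch(r"(.*?)([\d\W_]*)", password, re.DOTALL).groups()
    word = _squash(stem)
    if word in SEASONS and YEAR.search(suffix):
        problems.append("season_year")
    names = [_squash(n) for n in company_names]
    if any(len(n) >= 3 and n in word for n in names):
        problems.append("company_name")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords; "CompanyName" stands in for the organisation's name.
    for pw in ("Spring2021", "CompanyName1", "Summ3r2021!",
               "correct horse battery staple"):
        print(repr(pw), screen_password(pw, ["CompanyName"]))
```
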
2. Implement Vulnerability Patch Management
Unpatched vulnerabilities are a prevalent entry point for cybercriminals. In a 2020 survey, 42% of respondents said that most data breaches in their organizations occurred because patches were not applied for a known vulnerability (or vulnerabilities). Even one unpatched vulnerability can result in costly security exploits, so it’s vital that you apply timely and continuous patches to all vulnerabilities. Try these strategies:
Create an inventory of production systems and security controls
Regularly monitor your assets to get an informed view of operating systems, version types, IP addresses, etc., in your ecosystem, along with their location and “owners.” Also, get insights into your firewalls and antivirus, what they’re protecting and where they’re sitting in your ecosystem. Knowing the “what is” is crucial to take steps towards the “what should be.”
Compare vulnerabilities to your inventory
Run your vulnerability management tool, assess the reported vulnerabilities, and understand which assets they affect. To get a more well-rounded picture of your security profile – plus a proper risk assessment and vulnerability prioritization – get experts like Packetlabs to conduct manual pen-testing. Based on the pen testing report, start applying patches to strengthen your cyber defence.
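The two steps above, building an inventory and comparing scanner findings against it, can be sketched as follows. This is an added example, not Packetlabs tooling: the field names, hosts, addresses, scores and `EXAMPLE-VULN-*` identifiers are all constructed, and no particular scanner's export format is assumed. It also surfaces the two gaps the comparison tends to expose: findings on hosts missing from the inventory, and inventoried assets the scan never reached.

```python
from collections import defaultdict

# Constructed inventory: the fields mirror the article's list (OS, IPs, location, owner).
INVENTORY = [
    {"host": "web-01", "ips": ["10.0.1.10", "203.0.113.10"],
     "os": "Ubuntu 20.04", "owner": "web-team", "location": "dmz"},
    {"host": "db-01", "ips": ["10.0.2.20"],
     "os": "Windows Server 2016", "owner": "dba-team", "location": "datacentre"},
    {"host": "hr-laptop-7", "ips": ["10.0.9.77"],
     "os": "Windows 10", "owner": "it-support", "location": "office"},
]
# Constructed scanner findings; identifiers are placeholders, not real advisories.
FINDINGS = [
    {"ip": "10.0.1.10", "id": "EXAMPLE-VULN-3", "cvss": 5.3},
    {"ip": "203.0.113.10", "id": "EXAMPLE-VULN-1", "cvss": 9.8},
    {"ip": "10.0.2.20", "id": "EXAMPLE-VULN-2", "cvss": 7.5},
    {"ip": "10.0.5.99", "id": "EXAMPLE-VULN-1", "cvss": 9.8},  # host not in inventory
]
# Addresses the scanner actually reached, with or without findings.
SCANNED_IPS = {"10.0.1.10", "203.0.113.10", "10.0.2.20", "10.0.5.99"}


def compare(inventory, findings, scanned_ips):
    """Return (patch queue per owner, findings on unknown hosts, unscanned hosts)."""
    ip_to_asset = {ip: asset for asset in inventory for ip in asset["ips"]}
    queue = defaultdict(list)
    unknown = []
    # Highest score first, so each owner's queue is already prioritised.
    for finding in sorted(findings, key=lambda f: -f["cvss"]):
        asset = ip_to_asset.get(finding["ip"])
        if asset is None:
            unknown.append(finding)  # inventory gap: nobody owns this host
        else:
            queue[asset["owner"]].append(
                (asset["host"], finding["id"], finding["cvss"]))
    # Coverage gap: inventoried assets with no scanned address at all.
    unscanned = [a["host"] for a in inventory
                 if not scanned_ips.intersection(a["ips"])]
    return dict(queue), unknown, unscanned


if __name__ == "__main__":
    queue, unknown, unscanned = compare(INVENTORY, FINDINGS, SCANNED_IPS)
    print(queue, unknown, unscanned, sep="\n")
```
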
3. Mitigate Supply Chain Attacks
The SolarWinds compromise was a supply chain attack, a kind of compromise that targets the less secure elements in your organization’s supply chain. These include external vendors with access to your systems and data. Open-source software (OSS) is also vulnerable to such attacks. In fact, next-gen cyber attacks actively targeting them have grown by 430%.
Supply chain attacks are particularly dangerous since about 90% of all modern applications contain OSS and third-party APIs. To minimize the risk of supply chain compromises, implement these proven strategies.
Conduct regular pen tests
Automated application scanning tools can raise early alerts about any communication between enterprise applications and command and control servers. But they can’t match the level of detailed analysis of penetration testing. Only a human ethical hacker from a highly-trained team like Packetlabs can understand your supply chain risks and provide relevant recommendations to minimize them.
Implement Zero Trust Architecture (ZTA)
ZTA is rooted in the idea of “never trust, always verify.” To implement this model, you must identify how traffic moves across your enterprise network and create a micro perimeter to secure it. For this, you need deep visibility into your networks and systems, which only manual penetration testing can provide.
The Packetlabs team has analyzed the threats outlined here and has provided you with ways to protect your company from security risks. But these are only a small subset of the vast cybercrime landscape. To stay ahead of these threats and clever cybercriminals, organizations must double down on their cybersecurity efforts. This includes taking proactive action by committing to a pen test program with an industry-certified expert like Packetlabs. To know more about our pen testing services, click here. And if you’re ready for more than a VA scan?® get a free quote here.