Cyberattacks will continue. In fact, federal security agencies recently issued warnings to businesses and other organizations to improve defenses against possible Russian-sponsored cyberattacks, especially given the rise in tensions between Ukraine and Russia.
The agencies are recommending that organizations should:
• Ensure all system updates and patches have been installed on software to minimize vulnerabilities
• Require multifactor authentication for all uses
• Establish an enhanced password policy that includes resetting passwords on a regular basis
• Utilize antivirus software
• Develop a recovery plan that would be utilized in the event an attack occurred
In our last newsletter we also recommended that you:
• Utilize encrypted email and/or portal solutions for transmitting files
• Provide training for staff to educate them on current threats including phishing, smishing, vishing, and ransomware attacks. Also, remind staff to never provide login credentials or download a file without first confirming the identity of the sender/caller
• Review your insurance policy to determine the extent your policy covers cyber-related activities
If a breach or threat has occurred on your system, the agencies suggest the following steps:
• Isolate impacted systems as soon as possible
• Make sure your backup files are secure. Before restoring your backup files, you should scan your backups with an antivirus program to make sure it is free of viruses and malware
• Secure and review all logs and related data
• Seek professional, third-party, assistance to make sure that the threat is eradicated and there is no opportunity for residual exploitation
• Report the event to the appropriate agency. The FBI (CyWatch) maintains a dedicated 24/7 number at 859-292-3937