cybersecurity Archives - thinkCSC

Usernames and Passwords: An Illusion of Security 

By | Data Security, Email Security

Many organizations, especially small businesses, rely on usernames and passwords as their primary cybersecurity protection. They assume that requiring employees to use strong passwords, and then requiring them to change those passwords regularly, is an adequate approach to cyberattack prevention. On the contrary: relying on passwords alone is not as secure as most of us are led to believe.

The Verizon 2023 Data Breach Investigations Report revealed two of the major findings that bear directly on this issue. Of the data breaches that were analyzed:

  • 74% of all breaches include the human element, with people being involved either via Error, Privilege Misuse, Use of stolen credentials or Social Engineering.
  • 83% of breaches involved External actors.
  • Ransomware is present today in more than 62% of all incidents.

People Don’t Use Best Practices with Passwords

Most people don’t want to remember numerous usernames and passwords for multiple accounts and programs, and many don’t feel confident in their ability to accurately recall that information. Moreover, they dislike having to regularly change the password for each account and being forced to forget previous passwords in exchange for new ones. To deal with this frustration, they tend to do one of two things (or both):

  • Re-use the same usernames and passwords across multiple accounts
  • Write down their usernames and passwords, and store them in their workspace (usually in a place that is easy to find, often on their desk or in a top drawer)

Recent stats reveal that 75% of people globally don’t adhere to widely accepted password best practices, with 64% either using weak passwords or repeating variations of passwords to protect their online accounts.

  • Remember, 80 percent of all hacking-related breaches leveraged weak or stolen passwords
  • Repeated passwords used on multiple sites increase the risk of successful breaches on internal company sites. If passwords on personal accounts (online shopping, banking, personal email, social media, etc.) match passwords on company sites (employee login, company email, etc.), hackers can apply those identical passwords to other accounts with the same or similar usernames – and many people use the same username format across multiple accounts (e.g., John_Doe, or John.Doe).
  • This means that any password, no matter how strong it is, is vulnerable the more often it is used with multiple accounts, especially when it is associated with the same (or similar) username.
  • If 83 percent of breaches were perpetrated by external actors, this means that 17 percent were committed by insiders. Many internal attacks don’t have to target one particular employee’s access; in many cases, accessing one member of a team or department (or even the entire company) is all that is required. Thus, having an employee record usernames and passwords, and store them in an obvious place, makes internal attacks much easier and more likely.

Passwords Are Not Enough

Having a system of employee usernames and passwords is not enough. Passwords, to be at all effective, need to be randomly generated strings of characters, changed frequently, accompanied by two-factor authentication, and protected by additional layers of security, backup and recovery, and monitoring. And even though 91% of people understand that reusing passwords is a security risk, more than 6 in 10 people admit to reusing passwords (LastPass).

Passwords alone cannot protect your organization. Even passwords your employees use outside of your company – say for their pizza delivery service – can end up compromising your network. Credentials are a hot commodity on the dark web, and cyber criminals continue to find more sophisticated ways to steal credentials or trick employees into handing over credentials.

thinkCSC is here to help ensure your cybersecurity systems are strong and vibrant, to assist you in your preparation for and response to cyberattacks. Together, we can avoid the mistakes that are common among so many businesses and organizations, in the end becoming as secure as possible in today’s technological world.

Employees Can Be the First Line of Defense

While thinkCSC believes that employees will always be the first line of defense against ransomware attacks, the only real solution is for leaders of all organizations – businesses of all sizes, government entities, schools, hospitals, and others – to invest in stronger IT security that includes offsite backup and recovery and managed security. These protections, combined with ongoing staff training, password manager tools, multi-factor authentication, strict security policies, and constant vigilance, are an absolute necessity in today’s cyber-environment.

We are here to help you with all of your security needs, from password management and MFA to cybersecurity and more. Get in touch.

Don’t Panic Over Reports of Another Serious Ransomware Attack – ACT

By | business continuity, Ransomware, thinkCSC Security Alert

Just as everyone was getting ready to celebrate Independence Day, a major cyberattack occurred. What made this ransomware attack different from others was that the cybercriminals went after MSPs via Kaseya VSA, Kaseya’s RMM (remote monitoring and management) tool. By doing so, the perpetrators gained access to many of Kaseya’s MSP clients as well. More than 17 countries have now been impacted.

thinkCSC does not use Kaseya VSA. However, this should serve as yet another wake-up call to every business of every size that the risk is real: no one is immune to cybercrime. Another business is compromised every 11 minutes. And most of the time, the attacks are preventable. So instead of panicking, it’s time to take action.

Risk Assessment

If you don’t know where you’re vulnerable, you need to assess your risk. Our team can evaluate your existing security protocols and make suggestions for what needs to change to keep you safe. This is the place to begin, even if you already have an MSP partner, to make sure your data and your customers are protected.

Comprehensive Security

Experts have been predicting for years that cyber warfare is going to be the next global pandemic. We’re already seeing signs of large-scale threats disrupting everything from energy and food to medical care. There is no time to waste, no excuses not to act. If you don’t have comprehensive security in place, you are at risk.

What if…?

Consider what would happen if a data breach occurred at a local bank, an online shopping site, or a social media company. What if the cybercriminals were able to access thousands of usernames and passwords? What if one of these compromised passwords belonged to an employee in your organization? How would that impact your company?

You’re Only as Safe as Your Employees

Can you be sure that an employee has not reused a compromised password somewhere within your network? Do you have a password manager and multi-factor authentication in place? Do your employees know the risks and how to minimize them? If a threat becomes evident, do they act swiftly to minimize that threat by changing passwords and enabling 2FA on all of their accounts?

Employee Awareness Training Turns Your Team into a Strong Layer of Security

How capable are your employees of recognizing phishing emails? Do they know the steps to take if their data has been involved in a breach? Are they reusing the same passwords from their personal accounts on your business network?

In almost all of the major ransomware attacks that occur, there is a missing security element: a piece of software has gone unpatched; a former employee’s access to the network has not been rescinded; an employee is tricked into wiring money to a hacker because of a convincing email. Employee awareness training can help eliminate that risk.

In the time it took you to read this article, another business will experience a ransomware attack. Will yours be next?

We all have an opportunity to use these latest threats as a reminder to shore up our security, both personally and within our organizations. There is no more time to lose. The next ransomware attack is already underway. If you’re not sure where to begin, get in touch with our team to talk about risk assessments, employee awareness training, and comprehensive cybersecurity solutions.

Managing the Increased COVID-19 Threat Landscape

By | threat detection

The threat landscape of COVID-19 is perilous. thinkCSC put together these guidelines for clients and shared the information directly with them via email, but any organization will benefit from these resources and guidelines.

COVID-19 Specific Security Recommendations

This information from the FTC should be shared with your remote workforce to ensure the security of your network as well as theirs.

CISA also has several recommendations worth sharing:

Phishing Scams Abound

We expect an increased phishing threat used mostly to steal personally identifiable information. Here is some additional information on avoiding various phishing threats.

CISA offers several guidelines to increase awareness for social engineering and phishing attacks. You can also download the thinkCSC email security guide (PDF). Read and share our resources on email security and phishing.

Is Zoom Secure?

Zoom continues to be a threat to your infrastructure and data. As securing a product is a lengthy endeavor, thinkCSC would suggest switching to a more mature product with greater security built in. If that’s not possible, here are some tips to help make meetings more secure. Also, make sure to always update your Zoom product when asked.

  • Don’t publicly share your Zoom “Meeting ID.” Send it directly to the people you want on the call.
  • Set a password for the meeting, then share that only with the right people.
  • Make sure “screen sharing” is set to “Host Only.” That prevents other people on the call from abruptly blasting text or images onto the other participants’ screen — a favored tactic of “Zoombombing” trolls.
  • Use the “waiting room” feature. It prevents new participants from joining the call until the host approves.

General Security Posture

While phishing and similar attacks will be on the rise, overall systems security will also be tested by the increased COVID-19 threat landscape. Links with additional information are provided below, and as always you can contact your thinkCSC team for details.

CISA

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
  • Alert employees to an expected increase in phishing attempts.
  • Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery.
  • Implement MFA (multiple forms of authentication in addition to username and password) on all VPN connections to increase security.

NSA (PDF)

  • Update and Upgrade Software
  • Defend Privileges and Accounts
  • Enforce Signed Software Execution Policies
  • Exercise a System Recovery Plan
  • Actively Manage Systems and Configurations
  • Continuously Hunt for Network Intrusions
  • Leverage Modern Hardware Security Features
  • Segment Networks and Deploy Application-Aware Defenses
  • Integrate Threat Reputation Services
  • Transition to Multi-Factor Authentication

Be sure to review thinkCSC’s information on teleworking safely and our latest security alert.

thinkCSC is ready to help ensure the continuity of your business. While we may have entered uncharted territory with regard to this pandemic and the increased COVID-19 threat landscape, thinkCSC continues to be at your service. Please get in touch if you need support for your remote workforce. If you have questions or concerns regarding your organization’s security, get in touch.