In this article to mark #CybersecurityAwarenessMonth, Expleo’s Helmi Rais recommends a back-to-basics approach to combat the recent surge of attacks caused by the disruption of the COVID pandemic.

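From a cybercriminal's point of view, the arrival of the Covid-19 pandemic was a welcome surprise. The sophistication of phishing scams and ransomware was already at a high level. With the rapid switch to working from home, attack surfaces and vectors multiplied overnight.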

Lockdown put companies in a precarious position. They had to keep their people working for obvious financial and operational reasons. But this came with an increased risk of attack. The change was all so sudden that many companies lacked the necessary remote access tools to fix vulnerabilities on employee devices. Inevitably, people made choices at home they wouldn’t consider in the office. They installed software and tools, data storage solutions or personal devices that rendered the system vulnerable. The furloughing of employees also strained control measures.

In short, people let their guard down during the pandemic. For example, a 40% surge in machines running Remote Desktop Protocol (RDP) connections caused RDP Brute Force attacks to skyrocket in March and April alone. Users today are almost three times more likely to click on a phishing link and then enter their credentials than they were pre-COVID. Of course, many of those scams had a COVID-related theme, which played on their victims’ hopes and fears.

Risk-based strategies

So, what’s to be done? How can companies regain control when the opposition is getting smarter and their defences are compromised by force majeure? We are compelled to go back to basics. Identify what is important to the business and then focus security controls to optimise energy and effort from that position of clarity. This means Security by Design and a risk-based strategy. We must be exhaustive in the identification of different assets and embed security in the DNA of a new project. An internal audit to classify all assets is a good place to start.

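In The Art of War, the Chinese general Sun Tzu wrote: “Know yourself, know your enemy. A thousand battles, a thousand victories.” This advice still holds true 2,500 years later. What types of servers, network components, hardware or software do you have in your information system? What are your weaknesses? If you were the enemy, how would you attack yourself?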

Think two moves ahead…

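If organisations do not have full visibility of their entire security environment, or if they cannot remediate their most exposed vulnerabilities, then they are likely to fall victim to an attack. Security assessments and mitigation policies are both key steps, whether you are a bank, a retailer or a manufacturer engineering embedded systems for cars.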

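Former FBI Director Robert Mueller once noted that there are only two types of companies: those that have been hacked and those that will be. If attack is inevitable, then we must focus on time to detect and time to respond. Our ability to limit the hacker’s window of opportunity is a competitive advantage. If it is three days, that is manageable. If it is three years, then it could prove terminal.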

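Think of cybersecurity as a game of chess. However well you play, you must expect to lose some pieces along the way. What matters is how you respond, as close as possible to the moment of attack. The right response plan, supported by automation, will facilitate damage control. By staying two moves ahead of the aggressor, you can quickly shore up your defences.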

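There is no pleasant time to be hacked, but right now, when business continuity, brand trust and financial stability could be made or broken, companies must prioritise cybersecurity. Underinvestment is simply asking for trouble.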