As you may know, many organizations last year learned the hard way that cyberdefense needs to be a core part of their mission. In March, the cybercrime gang known as Hafnium made global news when it attacked tens of thousands of organizations around the world through vulnerabilities in Microsoft’s Exchange software. That gave the cybercriminals access to confidential information, including usernames and passwords, intellectual property, and material that could be used for blackmail. It took an unprecedented move by the FBI to prevent the Hafnium attack from being catastrophic.
A few months later, the criminal organization Darkside compromised the networks of Colonial Pipeline via a ransomware attack that again required assistance from the FBI. You may recall that the episode created a fuel shortage in parts of the country. By September, the number of data breaches in the U.S. had already exceeded 2020’s record-breaking total by more than 15%. And in December, a vulnerability found in Log4j, an Apache logging framework, led to what’s been called the biggest cyberattack in history—so disruptive that Wired ran its story under the headline ‘The Internet Is on Fire.’
Nobody should believe that the increasingly sophisticated and well-funded cybercriminal operations—some of which are sponsored by our nation’s adversaries—plan to back off in 2022. But, partly thanks to these high-profile cyberattacks, cybersecurity awareness is growing, and many organizations understand that ransomware prevention, phishing prevention, and malware prevention are as important as any other core business practice.
Here are some of the threats you can and must avoid in the coming year.
1. Ransomware attacks remain a major threat.
Far too many organizations are finding themselves in a situation where all of the data on their network has been encrypted, and a criminal organization is demanding a large amount of money for the key. They find that they can’t access any of their files, databases, or applications, and that the ransomware has spread across their entire network of databases and file servers. Often, this leaves the organization completely paralyzed. In 2021, the bad actors employing this practice demanded and got an average of $170,000 from the victims.
One reason the prevalence of this crime is rising so steeply is that it works—a shocking number of organizations do not have sufficient cyberdefense software in place and are easily overpowered by the cyberweapons being wielded by the ransomware gangs.
The good news is that current cybersecurity technology allows you to defend your organization from ransomware attacks and other cybercrimes. Putting an effective cyberdefense suite in place isn’t rocket science, but it is computer science, and involves straightforward products and services that deliver email security protection, endpoint device security, firewall protection, and more.
2. Phishing is still the number-one vector for malware.
Spear phishing, one of the oldest tricks in the cybercrime book, is still the main way bad actors plant ransomware and other malicious software. As always, most of the malevolent code is delivered via an email message that contains either a poisonous attachment or a link to a website that can infect a careless or untrained employee’s device, and then your entire corporate environment.
Again, there is a science to email security, and there are specific steps you can take to keep your organization’s email secure. If you have a hard time understanding why any of your employees would open an email from someone they don’t know when we’ve all known about phishing for years, keep in mind that today’s cybercriminals steal identities and work with marketing teams to compose irresistible subject lines that play on people’s fears.
We like to say that your best defense against the biggest threats is your “human firewall.” To achieve true cyberattack prevention, you need to provide employee cybersecurity training. We generally find that people want to be empowered with the tools to keep themselves and their organization safe.
3. The endless threats created by ineffective patch management.
Last week, with the Log4j tsunami of cyberattacks continuing, the Microsoft threat intelligence team issued a warning. “The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe,” it read. “With nation-state actors testing and implementing the exploit and known ransomware-associated access brokers using it, we highly recommend applying security patches and updating affected products and services as soon as possible.”
Suddenly patch management is in the headlines, which could be a good thing. Patching, bug-fixing, and upgrading code to protect against vulnerabilities is a complex set of processes and is vital to your security.
Too few people in business take patching seriously enough. In fact, a recent study showed that seven out of 10 IT security professionals find patch management to be overly complex and time-consuming. As a result, their organizations are vulnerable. But again, there is good news: you can contract to receive Patch Management as a Service (PMaaS) and quickly have a team of experienced security experts managing the cyclical patching process while you and your team focus on critical business activities.
I hope you found this information helpful. As always, contact us anytime about your technology needs.
Until next time,