The current war between Russia and Ukraine is unprecedented and has generated widespread concern about the rise of cyberattacks on a scale never seen before. A series of new movements occur daily and there is no way to predict what will happen next – or even what will be the impacts that these cyber attacks and invasions will have on government and corporate environments of companies globally.
And this concern does not stem only from the actions of Russia and Ukraine, both in the physical environment and in the cyberneticbut also what many are already aware of: cybercriminals, hacktivists and vandals also thrive in times of chaos and uncertainty like this.
It is important to remember what we can do to ensure greater protection during this period. And these recommendations are the same ones that can – and should – guide us every day, especially in crisis situations. We just need to remember them and act on them.
In light of this, focusing on five specific and concrete action areas can help everyone to better protect themselves and organizations from attacks during this period of uncertainty. Let’s go to them:
Alert and educate users about increased risks
User education is always a fundamental part of any software cyber security, as people are key links in defending against attacks. With all that’s going on, people may not be thinking about the increased risk of cybersecurity and everyone’s role in helping protect themselves and organizations. It is essential to guide that this is a time of greater risk and that they need to be even more cautious than usual against phishing, malicious links and email attachments.
Update systems, mobile devices, IoT, applications and network devices
Keeping systems up to date with patches against vulnerabilities is, more than ever, crucial for organizations. Although people are used to updating mobile devices and computers automatically, it is important to remember to update IoT devices, routers, firewalls, software and remote access devices.
That’s why it’s critical to ensure that everything is on the latest version available, not just your personal devices.
Run and update all security software
Have one security software across all your endpoints is critical to providing protection against attacks. Outdated or misconfigured security software, however, not only fails to protect, but can give a false sense of security.
As such, it is paramount to take the time to ensure that people not only have this software installed, but that it is also fully up-to-date and correctly configured. Therefore, it is necessary to verify that there are updated versions to be installed on the endpoint antivirus, either through login or management consoles.
Secure accounts and devices from remote access
Lately, we have seen ransomware and more sophisticated attacks being successfully executed through remote access to ingress the target network. This problem has become more serious since the beginning of the pandemic and remote access has become more common.
Two specific actions that should be implemented to better protect organizations against these types of attacks are to ensure that remote access devices and software are up to date and that only valid accounts have the capabilities for this type of access. If the person or company is not using multi-factor authentication (MFA) to secure remote access, it is critical to implement it as soon as possible.
Make and verify backups
Good, reliable, usable backups can be a parachute and a safety net rolled into one. This can help with recovery after major cyber attacks, such as ransomware. They also serve to assist in the restoration of physical threats such as natural or man-made disasters.
But backups only work if they are done correctly and can be restored. That’s why it’s important to ensure that you not only have a good backup strategy in place, including off-local network storage, but that you can successfully restore them quickly and effectively. A good rule of thumb is the “3-2-1 Rule”:
André Carneiro, a columnist for TecMundo, has nearly 20 years of experience in the security industry. At Sophos, he previously served as a channel account executive and sales engineer. Since September 2019, he has been the brand’s Country Manager for Brazil and, in this position, he leads Sophos’ growth strategy in Brazil, expanding the company’s reach in different markets.