5 Ways to Respond to a Busy Month of Hacks
Cybersecurity Awareness Month ended on October 31st, and it ended on a frightful note. In a single week, international media company Thomson Reuters announced that three terabytes of sensitive global data were accidentally leaked. The Indianapolis Housing Agency revealed that a ransomware attack shut down email and IT systems while compromising the personal information of 25,000 residents, landlords, and third-party vendors.
Most shockingly, in Australia, five major cyberattacks were reported in October alone. These impacted some of the country’s biggest corporations in health care, pharmaceutical, e-commerce, and telecommunications. Dubbed “The Great Australian Hack” by Bloomberg News, the breaches affected the medical records, credit card numbers, and passwords of 16 million Australians—or two-thirds of the entire continent’s population.
How Did These Hacks Happen?
The sources of such far-flung digital threats varied widely. Some were caused by unprotected databases. Others were caused by undetected intrusions. Some stolen data was discovered on the dark web. Some individual bank accounts were hacked to the tune of just $120. Meanwhile, cybersecurity experts warned that some leaked information could potentially be used to disrupt global supply chains.
What Can I Do to Protect My Business?
As the frequency and complexity of digital threats increase, there are many ways to keep your business safe. CMIT Solutions recommends the following five tips to protect your information and strengthen the safety of your systems:
1. Back up your data regularly, remotely, and redundantly. No matter what threats your company faces, the best way to bounce back from a security issue is with a reliable data backup. These should be executed automatically on a weekly (if not daily basis) and stored in multiple locations. In the event of a ransomware or virus infection, affected systems can be wiped clean and a recent backup can be used to restore data. That helps your business bounce back and return to regular day-to-day operations.
2.Implement multi-factor authentication (MFA) and single sign-on (SSO) solutions. MFA and SSO were once considered annoying, frustrating, and even unnecessary. But as more frequent data breaches lead to more stolen passwords—and those passwords are then used to hack into more accounts—tougher login protocols are a must. MFA requires a user to confirm their identity by completing at least two login steps—typically entering a password followed by a unique code or push notification delivered via text or email. Meanwhile, SSO streamlines access to multiple applications and accounts by confirming a digital identity with one master login. Both offer extra protection against information theft.
3. Roll out security updates and software patches automatically. Out-of-date operating systems and expired software applications lead to serious security vulnerabilities. The 2017 WannaCry attack took advantage of the end of support for Windows 7, while Apple’s older Big Sur OS has recently led to exploits on Mac computers. These two hacks had global implications, shutting down IT systems in critical industries across the globe while stealing specific data sets like payment card details, cryptocurrency wallet keys, and application passwords. Keep your business and employees safe by rolling out security updates and software patches automatically (and during off-hours) to minimize disruptions and digital threats.
4. Protect your network with multi-layered security tools. Once the first three basic steps are in place, it’s time to consider more in-depth tools. These extra layers of defense identify and resolve problems before they escalate, protecting you with:
a. DNS filtering, which protects against web-based attacks like malvertising, illicit links, and hidden bots that track keyboard activity
b. Anti-spam filters that protect against email-based attacks by testing email attachments before they land in your inbox
c. Security incident event management (SIEM) and security operations center (SOC) solutions, which provide extra layers of intuitive detection
d. Endpoint detection and response (EDR), which provides back-end visibility into a company’s network to analyze incoming traffic and spot real-time threats
5. Capable, comprehensive IT support you can count on. It takes a knowledgeable, trustworthy partner to deliver all of these security tools. It requires a proactive approach, too—one that makes a plan for addressing cybersecurity issues instead of waiting around for ransomware attacks or data breaches to happen. At CMIT Solutions, that includes:
a. 24×7 monitoring, which maintains a constant watch on every component of your company’s technology ecosystem
b. Real-world cybersecurity training, which empowers employees to be the first line of defense
c. Industry-specific compliance to help businesses meet evolving regulatory requirements
d. Nationwide support to protect both physical and remote offices—and the employees who staff them across multiple time zones
e. Local, one-on-one support, which adds a human face and a reliable name to the complex details of IT support
CMIT Solutions has spent the last 25 years building this kind of trust with thousands of clients across North America. We take pride in protecting businesses of every size, employees across every industry, and devices new and old.
With more than 250 independently owned and operated offices supported by 800 technicians spread out across North America, we work 24/7/365 to defend your data, strengthen your systems, and empower your employees to work smarter and more efficiently.
If recent cyberattacks have you worried, or you’re looking for a cost-effective way to enhance cybersecurity protections, contact CMIT Solutions today.