The approaching Easter holidays can bring a cyber security risk to businesses.
The shortage of staff creates an urgency for organizations to have cyber security plans. For example, in 2021, the planned Kaseya ransomware attack happened on the 4th of July.
Russian hackers knew there would be a staff shortage in the US. They used the company’s software to infiltrate the victims’ systems, using a zero-day vulnerability. As a result, the attack caused significant financial loss to 50 direct customers, and between 800 and 1,500 businesses down the chain.
In short, the lesson learned is that we should better plan the security safeguards taken in times of staff shortage. The most frequent attacks that are happening unnoticed are social engineering, phishing, malware, and ransomware. We must be prepared for them.
Here are some of the steps we recommend every company take when planning for such periods.
1. Create a backup of your data
Encrypt backups of data and store them in a way that is strongly protected. Storing the copy of the data on a separate medium is critical to protect against primary data loss. It’s not a question of whether or not your business will be attacked, it’s a question of when and how.
Therefore, the best practice is to make backup copies on a consistent, regular basis, so that they can protect sensitive business information in the event of a hardware malfunction or hacker penetration.
The longer the time that passes between backup copies, the higher the chance of information loss. Many ransomware attacks attempt to find and delete or encrypt accessible backups. Other threats such as dangerous malware, spyware, and viruses are among the leading causes of data loss and system breaches.
2. Use strong passwords
The most common way that hackers breach your computer is by guessing passwords. Passwords should not be used across multiple devices. They must not be stored on the system where an adversary may have access.
When creating a password, you should think of something that will be easy to memorize. The way to do that is to turn a sentence or phrase into something that is not easily recognized by others.
Don't:
- Use birthdays, Social Security numbers, network names
- Use the same password across different platforms
- Use passwords under 8 symbols
- Use consecutive numbers
Do:
- Incorporate numbers, symbols, and uppercase and lowercase letters
- Change your password regularly
- Make sure your password is a minimum of 8 characters
Check how long it will take a hacker to crack your password
Besides strong passwords, setting up two-factor authentication (2FA) gives an extra layer of protection for your data. Therefore, it should always be considered and included in the security policies of your organization.
3. Cybersecurity awareness programs
Regular educational programs for cyber security can be valuable. Because of the increased workload, especially over the holidays, employees are more prone to phishing, social engineering, and even charity fraud. Malware is becoming more and more sophisticated. This makes cyber security awareness programs a must-have for every organization.
Enforcing cybersecurity awareness programs is necessary. Everyone has a responsibility for the cybersecurity of the organization. Employees at every level of the organization should receive training.
Above all, creating a culture around cyber security awareness in the workplace is important.
4. Review data logs
Logs are important for cyber security. They are the first indicators that something is wrong. It’s important to review logs constantly or set up alerts that fire when certain actions happen. By doing so, you can mitigate the risk of hackers’ attacks.
Log management plays a key role in cyber security strategy. With the information in the logs, you can measure and address potential threats to the organization. This way you can enhance the productivity of security teams across the organization.
Security Information and Event Management (SIEM) is software that collects log data. It also provides monitoring, detection, and alerting of security events in real time.
Some of the anomalies to look for when reviewing the logs are:
- Unauthorized activity
- Connection time-outs
- Failed login attempts
- Unauthorized configuration changes
- Suspicious traffic patterns
LogSentinel SIEM and XDR tools collect and analyze logs. Based on the data gathered, they report and visualize the data, helping your team to detect and investigate security threats.
The collected data is normalized, enriched, and correlated to the user/services that produced it to help your team during incident investigation and detection.
LogSentinel SIEM and XDR do not collect your corporate or customer data.