When it comes to external threats, there is a lot to know. An external threat is when someone from outside the company uses malicious software or hacking as a way to take advantage of system vulnerabilities. As a managed service provider, we get a lot of questions from our clients on external threats, so we decided to use our experience and knowledge to help educate users on the most common forms of external threats, ransomware and phishing. The first step to combating external threats, is understanding them.
What is ransomware?
Ransomware is a malicious software used by hackers that can block access to a company's system. The hacker will typically block access until a sum of money is paid by the company.
How to protect against ransomware?
Ransomware will block access to a computer system or its files until the sum of money is paid. Your company should institute a process that contains multiple tools and policies that, in combination, help to protect against ransomware. The solution should also contain an antivirus which will help to detect and block malicious software from being installed.
In addition to the antivirus, utilize a DNS-layer security agent which will help block malicious internet requests at the DNS layer. This helps prevent ransomware at the earliest stage of infection. Microsoft Office 365 (ATP) Advanced Threat Protection should be also used which will help detect and block malicious links and attachments from being sent to your email. While having multiple tools will help reduce your chance of getting infected with ransomware, you should also provide cyber security training to your teams and run simulated phishing attempts. This helps train your team how to identify malicious emails and avoid clicking on malicious links and attachments inside of the emails. In the unfortunate event that ransomware does happen to get through, you will have a solid backup solution in place.
What is phishing?
Phishing is the act of sending out a deceptive email or using fraudulent website links with the intent that a user will click on it, so that they can gain access to company or personal information, such as passwords, credit card numbers, or any other sensitive data they can obtain. The hacker will typically appear to a company as a reputable company or familiar contact, so that they can pose as a legitimate source.
How to protect against phishing?
One way to prevent this is to have all team members go through cyber security training monthly and to conduct monthly simulated phishing campaigns. The training will help your team identify a legitimate email from a phishing email. The simulated phishing campaigns will help you gauge how your team is doing by identifying phishing emails and which team members require additional training.
Most importantly, it is imperative that all accounts on your network are protected using MFA (Multi-Factor Authentication). MFA requires that a user trying to login to an online account must provide 2 or more verification factors. The most common way is during log in via computer and then receive a text to a cellphone to verify that it is indeed the correct user attempting to log in. This way someone who falls victim to a phishing attack and provides their credentials, will have a better chance of not getting their information stolen because the hacker will still have to go through that second level of authentication. This will make it more difficult for the hacker to gain access to your systems through a targeted user.
Why does it matter? Why now?
External threats such as, ransomware and phishing attacks are now an every day event and many businesses will close because of the monetary extortion or the business interruption that will take place. For this reason, it is important to stay educated and informed on different forms of external threats and red flags that you should be on the lookout for. Having preventive measures in place and being proactive with your network infrastructure is one of the best ways to keep external threats from breaching your network. If you are unsure on where to even begin when it comes to your managed IT and network security precautions, a good option is to outsource a managed IT provider for proactive monitoring and network management.
For any questions, please contact Usherwood Office Technology at, 800-724-2119.