Cyberattack Survival: Part 1 – Mitigate

The first part in our Cyberattack Survival series will detail some of the best ways to ensure your organisation mitigates its chances of being attacked in the first place, and will provide a bit more context around why these reasons are fundamental in this stage. After all, this is your first line of defence against cyber crime; a recent study has found that organisations upping their cybersecurity defence strategies prevent around 87% of all focused attacks.

There are a number of ways that you can protect your organisation from attack in the first place. Ensuring that these bases are covered and routinely reviewed can also help in mitigating the impacts of an attack on your network in the event of a successful breach.

Backup data regularly

Create a backup of your data and store it offline or in a different location or network from your systems. Making multiple copies of files, especially regularly of your most important files, will mean your data remains shielded and that you have a copy of it in the event of a ransomware attack. In attacks such as the latter, the software will actively target backups to increase the chance the victim will pay the ransom. When backing up, be sure to check for malware before files are restored. As is the case with many breach incidents, the malware has been known to sit in the company network for an extensive period of time before detection, in order to establish its roots in the mainframe.

Update your software

Regular software updates can often be seen as a tedious task, however they are crucial in the process of ensuring your systems stay secure. Regular software updates, where available, will help to patch products where the developers have recognised vulnerabilities and remedied them. Continued use of out of date versions pose a great risk to your network, as even the smallest unpatched vulnerability can invite cyber criminals in.

Protect your communications

The majority (90%) of breaches in the present day are borne from email attack, via phishing scams. Most recently, the surge in ransomware attacks has also been as a result of an email campaign including attachments, like a word.doc or pdf that delivers the ransomware direct to your door. Many of these attacks are sophisticated and undetectable at first glance as a scam. Sadly, around 12% of email users will open a phishing email, and 4% will click on malicious links – but takes far less than that amount of people to cause a successful breach incident. Enable an email spam filter or similar scanning system that will detect the content and judge the safety of any incoming emails to the server, in order to help fend off the majority of phishing attempts.

It’s always a good idea to make sure that your organisation also has a backup communication system that is separate from the network. From the first detection of a breach incident and throughout the downtime it will inevitably cause, simple stress can mean confusion throughout your workforce. It’s vital that during a breach event, employees are kept in contact with clear and concise instruction on what to do, for example, in the event of a ransomware attack, infected devices should not be turned off in case of data loss.

Communications should be kept via a separate network of phone or email that is untethered to the infected network, so that there is no risk that the cyber criminal has access to any information or correspondence about what your organisation will do to stop their attack.

Employee awareness

Too often a breach incident will be the unfortunate result of an accidental employee misstep. This is why it is crucial for employers to have a clear cybersecurity strategy that is communicable to all departments and explains why it is important the strategy is maintained.

Phishing attacks are the most common event where human error unwittingly allows cybercriminal access. Like most cyberattacks, the level of sophistication in phishing attempts is forever increasing and adapting. For example, attackers will now employ the use of social media to harness company hierarchies, posing as an individual emailing another within the same organisation.

To remain on the front foot and with as reduced risk as possible, it’s vital all areas of the company has refreshed knowledge and understanding of the threat landscape and what they need to be aware of. Holding routine recaps or training briefs as and when a new threat is detected in the cyber world will be beneficial to the risk of a breach incident as a result of human error is reduced.

KNOW your vulnerabilities

Cybercriminals have a whole toolbox of cyberattacks depending on their purpose for attack. % of all breach incidents are reported to be financially motivated, so this is a good signifier of what your average cyber criminal is after. Nonetheless, it’s crucial to understand the value of your assets if they were to be compromised. It’s not just straight-talking financial details that will make a hacker slather at the chops – your customer data and their email and password credentials are invaluable for future use and can be resold by the criminal to others via the dark web for future phishing attempts or credential stuffing campaigns.

Of course, there are other fields of data or information that will be of more value to a hacker, especially depending on your industry. This is why it’s vital to understand where your treasure lies and ‘think like the hacker’ for a second so you can see any vulnerabilities that surround those assets.

Keeping up to date and regularly reviewing the processes and software currently making sure your organisation is protected for attack is arguably the most crucial part of the cybersecurity strategy. Ultimately, the investments you make in protecting your organisation against cyber threat will speak for themselves if attacks are kept at bay.

Serbus provides a key suite of mobile device security tools that enable your remote workers to stay safe and secure, wherever they are in the world and whatever is going on. To understand your remote working requirements in the face of the countries second lockdown, get in touch today on +44 (0)1432 870 879 or speak with us at [email protected].