
The Wrong Kind of Wake-up Call


Carl Mazzanti is the president of eMazzanti Technologies – a firm that specializes in Cyber Security in New Jersey


The bad guys are coming. In March, tech giant Microsoft announced that the extortion and destruction threat DEV-0537, also known as LAPSUS$, penetrated one of its accounts. Although only a single account was compromised, ‘granting limited access,’ the attack highlights that getting hacked is a matter of when, not if. However, advance security preparation may at least mitigate the damage. Setting up an efficient ‘fence’ around your files and data is crucial and requires serious thought.

One of the first post-hack steps is determining how the cybercriminals got into your system. This involves a cyber-forensic strategy. Sometimes the weakness is obvious – an employee admits that they clicked on a link without authenticating it. Other times, however, the threat may not be as obvious.

For example, sophisticated cybercriminals may deploy bots — software programs that repeatedly perform automated tasks — that scour social media for keywords like CEO, President, owner, and others that signify executive-level responsibility. When they latch on to these terms, they unleash other bots that access the Dark Web for passwords associated with the individual. Then they will run the passwords through the individual’s email and other accounts to gain access. Once they get a foothold in, let’s say, an email account, the cybercriminals may impersonate the account-holder and email infected files to their contacts, spreading ransomware and other malicious files.

Either way, the wake-up call that arrives with a cyber-penetration should motivate a company to review its cybersecurity strategy. Even if the company contains the current attack, preventing the next one should be a priority. Cybersecurity strategies should be reviewed regularly, but many companies fail to do so. Sometimes it takes a negative incident like the above to get started. In our experience, we have seen many companies jump at the first ‘shiny object’ that promises to provide them with protection after a cyberattack — only to discover later that the promises were not delivered, or they overpaid for the services, or both.


Setting up a Good Defense Takes Some Work

A well-organized Managed Services Provider (MSP) or other IT services organization will offer a layered, three-legged “triangle” approach to cybersecurity. The first leg incorporates preventative controls such as keeping software patches up to date, having good antivirus programs, setting up effective firewalls, and using multifactor authentication (MFA — where users must provide additional identity verification, like entering a code received via phone, before they are granted access to an account or an app).

The second leg typically features a stand-alone SIEM (Security Information and Event Management) system. This middle layer analyzes tracking information, or logs, for warning signs that hackers or other cybercriminals are probing a user. When SIEMs were first developed, they were so expensive that only large businesses could afford them. However, technological advances have brought the price down to the point where they can be included in an affordable security package for mid-size or even smaller companies.
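To make the log-analysis layer concrete, the sketch below shows the kind of correlation rule such a system applies to the password-trying bots described earlier: a burst of failed sign-ins against one account, then a success. It is an added example, not code from this article or from any SIEM product; the log format, thresholds and rule names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log: timestamp, account, source IP, result.
SAMPLE_LOG = """\
2024-01-15T09:00:01Z ceo@example.com 203.0.113.10 FAIL
2024-01-15T09:00:05Z ceo@example.com 203.0.113.10 FAIL
2024-01-15T09:00:09Z ceo@example.com 198.51.100.7 FAIL
2024-01-15T09:00:30Z staff@example.com 192.0.2.44 FAIL
2024-01-15T09:00:41Z staff@example.com 192.0.2.44 OK
2024-01-15T09:01:02Z ceo@example.com 198.51.100.7 FAIL
2024-01-15T09:01:15Z ceo@example.com 198.51.100.23 FAIL
2024-01-15T09:01:40Z ceo@example.com 198.51.100.23 OK
"""

def detect(log_text, window=timedelta(minutes=10), threshold=5):
    """Flag bursts of failed sign-ins per account, and any success that follows one."""
    recent = defaultdict(list)  # account -> [(time, ip)] of failures still in the window
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, account, ip, result = line.split()
        ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        # Drop failures that have aged out of the sliding window.
        fails = [(t, src) for t, src in recent[account] if ts - t <= window]
        if result == "FAIL":
            fails.append((ts, ip))
            if len(fails) == threshold:  # alert once, when the threshold is reached
                alerts.append({"rule": "password_guessing", "severity": "warning",
                               "account": account, "time": stamp,
                               "sources": sorted({src for _, src in fails})})
        elif len(fails) >= threshold:  # a non-FAIL result right after a burst
            alerts.append({"rule": "success_after_guessing", "severity": "critical",
                           "account": account, "time": stamp, "sources": [ip]})
            fails = []
        else:
            fails = []  # ordinary sign-in: a mistyped password, then success
        recent[account] = fails
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The critical alert is the one that should trigger the automated response and a forced password reset, since it means one of the tried passwords worked.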

The third and final leg consists of two components. The first is an integrated, automated cyber-response package that kicks defenses up to the highest level — not only monitoring and alerting users about their devices and systems but also launching real-time responses that may eliminate or mitigate a hacker’s damage. The second is a comprehensive backup, which serves as a fail-safe when your data is compromised. This backup should also be shielded from the rest of your network.

In addition to utilizing the outside expertise of a vetted MSP, a business should also ensure that its entire staff undergoes cybersecurity awareness training. It is a way to reduce the propensity to click unknown links or download potentially dangerous files. And since individuals perform best when their activity is measured, businesses should develop security KPIs (Key Performance Indicators) to help quantify the effectiveness of an organization’s employee cybersecurity training.

A hack is never pleasant. But if an organization uses it as a catalyst to improve its cyber-defenses, then at least something useful comes from it.
