MAINNERVE BLOG

Stay up-to-date on cybersecurity news and information.

I am sure that, over the weekend, you were inundated with news about the latest worldwide cyber attack, infecting hundreds of thousands of systems around the world. Once the infection was uploaded, the files in the affected computers and servers were then encrypted and a delivered message from the hackers demanded a ransom be paid to decrypt the data. From a hacker’s perspective, the infection was a complete success, affecting major corporations, government agencies and business worldwide.

If you didn’t read too deeply, you would think that this was the end of the world as we know it, that some secret NSA developed virus was taking over businesses, government entities and personal computers and there was no way to stop it. But a deeper dive into the infection demonstrates once again, why proper cyber and IT hygiene is critical in preventing such serious infections.

The infection works by taking advantage of a flaw in older Microsoft operating systems and was released by a hacking group called Shadow Brokers who are purportedly tied to hacks that were stolen from the NSA. Regardless of its origin or the effectiveness of the hack, basic IT and cyber hygiene would have prevented these infections. Why? Because the update to fix that hack was released by Microsoft in February and every one of these IT managers should have updated their IT systems. Additionally, most Anti-Virus programs have the update contained in them as well, as a simple search will reveal. Basically, by simply keeping their operating systems updated (which is about as basic as IT maintenance can get), this infection could have been prevented. Or, in the case of some of the older OS, like Windows 8, Server 2003 or XP, that are no longer supported by Microsoft, companies that are lagging behind the times or pinching pennies, paid the price for not updating their IT systems to one that has the requisite support from the manufacturer, again, something that every business should do.

I don’t want to get on my soapbox again but, as proponents of businesses small and large, we have often stressed the most affordable ways to prevent hackers from gaining access and control of critical IT systems that are critical to the operations of any sized corporation. As CEOs or small business owners, it is critical that stakeholders ensure that their IT managers are doing their jobs, but as owners, they are usually IT challenged and rely on IT managers and personnel heavily, with minimal means to check their efficiency. But there are ways to ensure that they are doing their jobs, one of them being vulnerability scanning.

A vulnerability scan is a very inexpensive way to get a look at your IT architecture and to determine how up-to-date and/or secure it is. By using a variety of open source or proprietary tools, a provider obtains access to your network (through your IT POC) and “scans” the network for missing updates, open ports and other areas where hackers may enter your network. The reports are simple to read and demonstrate what vulnerabilities exist, allowing the business owner to make informed decisions and can determine if s/he is secure or not. Repeated scans offer the owner the ability to track the progress that their IT personnel are making on addressing these vulnerabilities.

Other areas where business owners and private citizens can increase their security:

Update and Update again: too often we ignore those “update” messages that come up on our computer. When you see them, act. Usually they contain critical updates to upgrade security as was issued by Microsoft to prevent the Wannacry hack.
Download File: This goes back to training and preventing your employees from clicking on those blue links of chaos that come in emails promising things that are just too good to be true (they aren’t). Ensure they are aware of simple social engineering approaches: changed email addresses, modified URLs, etc.

Use Anti-Virus Programs: AV programs usually get frowned upon (think that PCMatic guy) and most people rely on their computer firewalls to prevent viruses. AV programs are kept reasonably up-to-date and usually include information from application and system providers on hacks that affect their programs.

Back up your system: Sometimes a business cannot control everyone that touches their IT systems and even the most rigorous training program will not prevent someone from downloading an infection. Make sure your systems are backed up and ensure that those backups are stored off site and on a different system/server than the one your company operates on.

These simple tactics can help prevent such a calamity from affecting your business. Practice good IT and cyber hygiene and you have a stronger chance of surviving a global cyber-attack.