Defending Against Ransomware and other Cyber Attacks
As the situation in Ukraine continues to intensify, we need to remain vigilant in our own defenses. Russia has launched numerous cyber-attacks on Ukraine this week, and cybersecurity experts warn more attacks are likely. The CISA began advising organizations of all sizes to put their “Shields Up” in preparation for more cyber-attacks, like the one Russia launched on the Colonial Pipeline.
The head of the FBI’s Cyber Division warned US businesses and local governments they should be vigilant against potential Ransomware attacks. All organizations of all sizes are at risk and need to put as many security measures in place as possible.
Here are some security measures you can put in place for your business today:
- Review your cyberattack response plan. If you do not have a plan, designate a person in charge to coordinate the company’s response to a cyberattack.
- You need to make sure that your company can still run when things go wrong. Review your business continuity plans and check that backups are in place and working.
- With the ongoing crisis in Ukraine, it is important that you review your supply chain and determine if any components are sourced from there. The White House has already warned about an interruption of chip production.
- Train your employees how to recognize phishing attacks. Even with all the technology, phishing attacks are still the main channel of ransomware attacks.
- Utilize MFA (Multi-Factor Authentication) on as many accounts as possible and avoid using the same password across accounts. MFA is one of the easiest ways to defend against cyber-attacks.
Your IT department should have many tools available for you to take advantage of to further secure your business, such as:
- Spam Filters
- End User Security Training
- Team of Expert Service Engineers
As we continue to learn more about the threats we face, we need to remember that even though we have multiple defenses in place for your business, Ransomware, like a Vampire, cannot come in unless it is invited in.
Please remember to NEVER click on links or open attachments in emails you are not expecting. Phishing emails often create a sense of urgency, contain links and attachments, and ask for personal information. If you are ever unsure of the legitimacy of an email, check with your IT department or delete it.
Let’s not forget to keep citizens of Ukraine, our allies, and our troops in our thoughts and prayers.