Cyber Attacks - Should You Be Concerned?

A Conversation You Need To Have!

Cyber attacker

This weekend Scomo has told us all "be aware we are under cyber attack". What does this mean for you and your company?

As you return to work on Monday - will you be looking at your data protection and back up systems to ensure that your company data is not under threat? Or will you just cross your fingers and hope this does not happen to you? 

The Essential Eight from the Australian Cyber Security Centre is a great starting point to make sure your company data is protected. 

The eight is listed here, if you need help with implementing these strategies or programs we can help you. 

Get Protected

Mitigation Strategies to Prevent Malware Delivery and Execution

Application control to prevent execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.

Why: All non-approved applications (including malicious code) are prevented from executing.

Patch applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.

Why: Security vulnerabilities in applications can be used to execute malicious code on systems.

Configure Microsoft Office macro settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.

Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.

User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.

Why: Flash, ads and Java are popular ways to deliver and execute malicious code on systems.

Mitigation Strategies to Limit the Extent of Cyber Security Incidents

Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.

Why: Admin accounts are the ‘keys to the kingdom’. Adversaries use these accounts to gain full access to information and systems.

Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don't use unsupported versions.

Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.

Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.

Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.


Mitigation Strategies to Recover Data and System Availability

Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.

Why: To ensure information can be accessed following a cyber security incident (e.g. a ransomware incident).

 We have some great package deals available to help you protect your business so that you can sleep easy knowing that your data that you worked so hard to create is protected. 

Managed It Service 

Don't need to read more just want to get it done CONTACT US!

Leave a comment

Please note, comments must be approved before they are published