You may not live in the Ukrainian capital, Kyiv, so no need to worry about a missile landing at your office. But even if you are 6,000 miles away, you could still get smacked of Russia or a without a name fall from cyberwar the enemies.
As the war progresses, chances will only increase cyber-attacks and cyber-attacks will affect everyone. So what can you do to protect yourself?
I have given it some thought and here are my suggestions. They may look basic, but these suggestions may save your business.
You have heard this a million times: Backup your systems. Well, here it is again and this time you better pay attention. Russia has released a new type of Windows malware, HermeticWiper, which wipes the data from your computers and then makes it impossible to boot. No backup? Without a computer.
As well as hitting sites in Ukraine, it has also hit businesses in Latvia and Lithuania. I think it’s only a matter of time before it damages systems around the world – including the ones in a server room near you.
The most common way to get malware into your computers is through phishing attacks. This common method works for one of your employees to click a link or open a file that will infect ransomware or virus on your computer as well as ever.
You can tell your people until you have blue in your face without opening suspicious emails, but they are sometimes. So while I encourage you to keep trying to educate your people, you should also invest in it anti – phishing tools or services.
Are you delaying updating your programs or operating system because there is too much trouble? I get that, but this is not the time to hold back. I promise you that there are some nice zero day terrifying stuff waiting to be released on older software. The later your children are, the less likely you are to drop your child when they arrive.
At the same time, if you rely on, say, nod.js or other external programmable code repositories, it’s time to lock your code. As Alan Cox, a one – time Linux kernel developer, explained: “Anyone pull anything from an external repository, especially an automated one, should the IMHO embark on a full review and switch control to locking. People are already talking about things like js modules and python modules fighting people who hate protests and traps. ”
He is right.
- Upgrade or purchase security software
There are many types of security programs and services out there. I can’t tell you what you need in particular, because every business is different and has different needs. What am I can tell you that whatever you do, you must find and use security programs to protect critical systems. (CSO a good place to start for the latest on security software.)
- Use multifactor authentication
It’s not a simple login and password these days. You need it multifactor authentication (MFA). Even if you have never used MFA on a computer, you have used it in real life. For example, every time you gasp with a credit card at a gas pump, you need to enter your zip code. Alternatively, whenever you receive cash from an ATM, you will need your bank card and personal identification number (PIN). These transactions use a physical factor, your card, and an information factor, your ZIP code or your PIN.
Everyone now strongly supports MFA, and you should, too. It can go a long way in protecting you and your systems from harm. It is not perfect, however. The IS Old school user ID / password / text message is easy to crack.
Ultimately, you want to switch to a Zero-Tust security system. But that takes a lot of work. You need better security right away, which means making the most of a quick and relatively easy security setup rather than switching to a whole new approach. There will be a time for that when the war is over.
Let us pray that the fight will end sooner rather than later, for ourselves and for those caught in the middle of the war of righteousness.
Next, Read This:
Copyright © 2022 IDG Communications, Inc.
After Russia invaded Ukraine, it’s time to hunker down
Source link After Russia invaded Ukraine, it’s time to hunker down