Cyber-security threats represent one of the key challenges for any organization. Keeping on top of the latest threats and risks is vital, but increasingly it's important to be prepared for the unexpected with a plan in place to deal with an incident when it occurs.
This blog post discusses the following topics to help you deal with relevant cyberattack scenarios in light of the ongoing Ukraine crisis and similar critical events:
-
- Common signs of cyber-attacks
- Cybersecurity checklist
The ongoing Ukrainian crisis has revealed that the impact of an extreme critical event can be far-reaching and is not limited to the place where it occurs. It resonates globally, threatening the cybersecurity of governments and businesses, the global supply chain, the movement of goods, prices, and more. The Cybersecurity and Infrastructure Security Agency (CISA) warns businesses across sectors like finance, banking, energy, and utilities against possible cyberattacks. These cyberattacks may potentially affect critical infrastructures, disrupt markets, and sabotage the security and safety of countries and governments worldwide.
In response to the Western sanctions imposed on Russia, cybersecurity experts have said that a potential cyber war taking shape between Russia and the West is a serious concern that cannot be overlooked, given the cyberattacks we are witnessing on Ukraine's vital sectors and infrastructure.
What are common signs of cyber-attacks?
A recent article by Inc magazine stated that 60% of small to mid-sized companies go out of business within six months of experiencing a cyber-attack. Unfortunately, many cyberattacks are discovered after the damage is already done. At the same time, common cyber threats can be prevented if their signs are detected early. Here are some of the signs that may indicate that your company has fallen victim to a cyber-attack:
1. Suspicious Emails
If your business email has been compromised, hackers can use man-in-the-middle attacks to reach confidential information, steal login credentials, spy on data, and sabotage communications.
What to do next?
- Do not provide details to any unauthorized contact, and reach out to the IT security team to check and stop the attack.
- Company personnel must be trained to be alert for suspicious practices. Training can equip them with the skills needed to mitigate risks at early stages.
- Change passwords to new unused ones.
2. Slow connections
Slow connectivity of your computer or network might be a sign of a cyber-attack. This scenario indicates that data is being copied to a third party. Antivirus on staff computers might detect malicious activities, and the company server might warn that your IT system is under attack.
What to do next?
- Engage your IT team for further assistance and guidance.
- Avoid untrusted Wi-Fi resources
- Keep your antivirus software up to date
3. Suspicious account activities
Suspicious network activity can refer to unusual behaviors like abnormal access patterns, database activities, file changes, and other out-of-the-ordinary moves that can indicate an attack or data breach.
What to do next?
- If you detect any of these behaviors, alert your IT and security team to determine the cause and ensure your data remains protected in the future.
- Change to stronger, more secure passwords
Cybersecurity Checklist
Penetration testing
Staff training
TIP
Define responsibilities and tasks
Develop an emergency response plan
Cyber threats like ransomware often block corporate networks. Typically, ransomware restricts users' access until a ransom is paid. In this case, communication will be limited and complex because the victim's e-mail system will be broken, vital records will be inaccessible, and the victim's whole system will be down. In such a scenario, plans need to be in place to deal with the crisis. It is wise to decide your initial responses in advance and define strategic ones. For example:
Initial Response - Lower Level
✓ Secure all data
✓ Alert internal or external expertise, e.g., Computer Emergency Response Team
✓ Change all passwords and encryption keys
✓ Initiate actions to preserve and recover data
Strategic Response
✓ Assess prior controls and determine controls to be implemented
✓ Prepare press release
✓ Address any potential weaknesses in the system and contract with an outside organization to perform security testing
Invest in a proper crisis management tool
Invest in a secure solution that enables secure access for everyone to respond appropriately, facilitates confidential communications, and engages relevant stakeholders in real time to speed up decision-making and crisis management.