The fight against cyber-threats – How to handle increased risk levels

The IT infrastructure of your business should be tested regularly. Potential threats, proper solutions, and responses are part of a rapidly changing world that you always need to keep up with. What you knew last week may not be enough to get you through today. According to our security professionals, you have to stay up to date with the latest challenges and adapt accordingly.

This white paper discusses the following topics to help you deal with relevant cyberattack scenarios in light of the ongoing Ukraine crisis and similar critical events:

    1. Common signs of cyberattacks
    2. Cybersecurity Checklist

The ongoing Ukrainian crisis has revealed that the impact of an extreme critical event can be far-reaching and not limited to the place of occurrence. It has a global resonance, threatening the cybersecurity of governments and businesses, the global supply chain, the movement of goods, prices, etc. The Cybersecurity and Infrastructure Security Agency (CISA) warns businesses across sectors like finance, banking, energy, and utilities against possible cyberattacks. These cyberattacks may potentially affect critical infrastructures, disrupt markets, and sabotage the security and safety of countries and governments worldwide.

In response to the Western sanctions imposed on Russia, cybersecurity experts have said that a potential cyber war taking shape between Russia and the West is an absolute concern that cannot be overlooked, given the cyberattacks we are witnessing on Ukraine's vital sectors and infrastructure.

What are common signs of cyberattacks?

A recent article by Inc magazine stated that “60% of companies go out of business within six months of experiencing a cyberattack”. A fact that can’t be ignored is that cyberattacks are often discovered after the damage is done. However, common cyber threats can be easily prevented if their signs are detected early. Here are some of the signs that may indicate that your company has fallen victim to a cyberattack:

1. Suspicious Emails

If your business email has been compromised, hackers can use man-in-the-middle attacks to reach confidential information, steal login credentials, spy on data, and sabotage communications.

What to do next?

  • Do not provide details to any unauthorized contact, and contact the IT security team to check and stop the attack.
  • Company personnel must be trained to be alert for suspicious practices. Training can equip them with the skills needed to mitigate risks at an early stage.
  • Change passwords to new, unused ones.

2. Slow connections

Slow connectivity of your computer or network might be a sign of a cyberattack. This scenario indicates that data is being copied to a third party. Antivirus on staff computers might detect malicious activities, and the company server might warn that your IT system is under attack.

What to do next? 

  • Engage your IT team for further assistance and guidance. 
  • Avoid untrusted Wi-Fi resources
  • Keep your antivirus software up to date




3. Suspicious account activities

Suspicious network activity can refer to unusual behaviors like abnormal access patterns, database activities, file changes, and other out-of-the-ordinary moves that can indicate an attack or data breach.

What to do next?

  • If you detect any of these behaviors, alert your IT and security team to determine the cause and ensure your data remains protected in the future.
  • Change to stronger, more secure passwords

Cybersecurity Checklist

Business leaders and decision-makers need to take this situation seriously beyond the painful, tragic war in Ukraine, given the sudden spillovers that might affect vital sectors worldwide. There are various security tools, practices, and tactics available to help you boost your preparedness in the face of such threats.

Penetration testing

Penetration testing is also known as ethical hacking. It is a cyber security technique that aims to identify and probe vulnerabilities and security weaknesses in software and systems by simulating real-world cyber threats. This testing is conducted using manual or automated techniques to compromise servers, wireless networks, network devices, mobile devices, and other points of exposure.

Staff training

Employees should be mindful of the latest trends in cybersecurity, and companies need to deliver regular training so that employees can protect themselves and company assets from malicious attacks, as we mentioned in a previous article, "5 tips and tricks for emergency exercise". The training should be held regularly, covering various topics like phishing, password security, device security, types of attacks, precautions, and their consequences.

TIP

Learn more about conducting emergency exercises.

Define responsibilities and tasks

The disruption caused by a cyberattack can be exacerbated by uncertainty about the optimal response and unclear task allocation. For example, the chief marketing officer (CMO), chief information officer (CIO), chief technology officer (CTO), and chief security officer (CSO) will each have a role to play in handling this disruption, but their roles will overlap unless the roles and responsibilities are defined and assigned in advance. It is also worth drawing attention to the significant role of senior management in overseeing incident handling and securing the company’s valuable information to protect its brand and reputation.

Develop an emergency response plan

Cyber threats like ransomware often block corporate networks. Typically, ransomware restricts users' access until a ransom is paid. In this case, communication will be limited and complex because the victim's e-mail system will be broken, vital records will be inaccessible, and the victim's whole system will be down. In such a scenario, plans need to be in place to deal with the crisis. It is wise to decide on your initial responses in advance and define strategic ones. For example:

Initial Response - Lower Level 

✓ Secure all data 

✓ Alert internal or external expertise, e.g., Computer Emergency Response Team

✓ Change all passwords and encryption keys

✓ Initiate actions to preserve and recover data

Strategic Response 

✓ Assess prior controls and determine controls to be implemented 

✓ Prepare press release 

✓ Address any potential weaknesses in the system and contract with an outside organization to perform security testing

TIP

Download a free copy of RAYVN’s emergency response plan.

Invest in a proper crisis management tool

As a precautionary measure, it is recommended to invest in advance in a secure tool that enables safe information sharing, is accessible to everyone who needs to respond appropriately, facilitates secure communication, and engages relevant stakeholders promptly to speed up decision-making and crisis management.

TIP

Only choose a crisis management tool that supports multi-factor authentication to prevent hackers from accessing user accounts.
