The continuing war between Russia and the Ukraine has brought more than a war of the physical kind, as the landscape of cybersecurity threats changes. Businesses both near and far are facing this heightened threat of network and systems invasion.
On the one hand disinformation is spreading and being actively fought. While the popular Anonymous group has threats of a “cyber war” against Russia. In retaliation another ransomware group is warning they’ll launch an attack for any harm brought to Russia’s critical infrastructure (and then subsequently had to stanch the informational bleeding caused by an insider’s leak campaign).
Meanwhile, external government-sponsored threat actors are continuing to push their own campaigns against Africa, Asia, Europe, and North America.
As a result of the cyber war, at the international level, ordinary businesses that are small-to-medium can get caught in the crossfire and end up as a casualty of war.
So, to protect your business from taking a hit, here are four cybersecurity best practices that SMBs can adopt today to protect your business, employees, devices, and networks.
1. Lock down your public-facing networks and beef up internal security
The history of cybersecurity’s most devastating attacks comes from situations where there has been a lapse in judgement. For instance
- unprotected Remote Desktop Protocol (RDP) ports
- elevated access privileges for far too many employees
- unpatched vulnerabilities
- lacking multi-factor authentication
But these lapses in security judgement can be fixed quickly and easily with the right type of prioritization. The most recent advice from the US Cybersecurity and Infrastructure Security Agency (CISA), is that companies especially SMBs need to follow the below:
- Multi-factor authentication is in place for all remote access to the organization’s network and privileged or administrative access.
- Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
- Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
- If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
- Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.
Certainly, with these practices in place many of the common cyberattacks can be minimised or even avoided. To ensure you’re ready during this time of increased cyberattacks read up on how to detect cyber breaches as they happen, and to prepare on how to respond to such an attack when it happens at CISA’s “Shields Up”
2. Audit access privileges and clean up old account credentials
On a regular basis SMBs need to review who has access to what systems. In other words what access privileges do employees have regarding your systems and do they need all that access? Too many times employees end up with a blanket access to the entire company, rather than on a as needed basis. If the employee is successfully phished, then the attackers could get access to all your systems.
So, assess who needs access and to what parts of the company. Ask yourself, do they really need access? Secondly, do a clean up of any old user accounts from past employees. All old users must be deactivated.
3. Stay vigilant of phishing scams
In the same vein as the start of COVID-19 where online scammers came out in force to swindle people of money is what we’re seeing here. An increase in fake pleas for charity donations and then the money ends up in the cyberthief’s hands.
It’s good practice for employers to remind their employees about the possible threat of phishing attack in line with the current war going on.
Ask them to:
- be wary of any unexpected requests for personal information
- hover over URL links to ensure they’re legitimate
- double-check the sender’s own email address
- avoid opening email attachments from unknown senders
- scan any message for spelling and grammar mistakes.
If you as an SMB have not pushed out any phishing training in your organization, contact us to help you navigate the next stage, of how to.
4. Do not roll out brand new, untested cybersecurity measures
Right now, the cybersecurity needs for SMBs are securing the tools and programs that they are using currently, rather than adding complex new ones that take time to install. In other words, both time and caution are needed as small business can have hundreds of endpoints each with dozens of software tools. It’s more complex than we think. Each of tools have their own reams with current and out of date account credentials.
In this hostile environment a new fancy tool may sound like the answer when you know your cybersecurity needs bolstering. But it could be more of a headache for your IT department than help.
For instance, your IT department will need to split their time between a new project and the current threat landscape. So, give them the scope to raise issues and fix the issues for today without having to worry about the possible issues of tomorrow.
