Late last year, as well as more recently, two major cyber attacks occurred–one at SolarWinds via their software platform in December of 2020, and one at Colonial Pipeline just this month. These attacks are even more serious than one performed by a lone attacker, and signal how vulnerable networks can be. Not only do businesses need to use tools to protect their own computer networks, but to share information with other companies. Read on to learn how your company can protect itself against cyber attacks.
Recent Cyber Attacks a Wake-up Call
Last December, IT management company SolarWinds was attacked by hackers who inserted malicious code in what seemed a normal software update. What’s ironic is that the very platform used to monitor threats, was the one targeted. The bad code allowed the perpetrators to hack numerous government agencies and private companies, possibly stealing untold amounts of data. The company’s platform was used in this sophisticated attack, and the software update was downloaded by some 300,000 users. Through the download, the perpetrator was able to penetrate deep into companies’ and agencies’ networks. More recently, Colonial Pipeline was targeted in a potential attack on electrical supply to the East Coast via the gas pipeline. While investigations are still underway in each incident, foreign state actors are thought to be responsible. Both these attacks show how vulnerable companies can be. Could there have been a way to prevent the attacks, to see them coming? In spite of all the precautions companies take to shield their networks, cyberattacks seem almost inevitable.
Ways to Protect Your Company Against Ransomware
Of course, companies should continue doing things like remote network monitoring, maintaining current anti-virus and anti-malware definitions and training their staff to recognize possible attacks. Commonly hackers try to get into a system by phishing–trying to trick the recipient of an email into clicking a link, providing the attacker a way in. Employees need to be trained to recognize a phishing email by telltale signs (spelling errors in the email) and to inform a supervisor about the email. Yet there’s another step to take. This involves people–sharing information with other companies about attacks and threats of attacks. Commonly and unfortunately, there is a stigma to experiencing a cyber attack; a company doesn’t want to be considered weak. But think how much stronger companies could be when they depend on each other to be aware of new threats, and can band together against cyber crime. Along with this practice, a company can continue educating their staff to recognize phishing attacks and to be careful with passwords (making them difficult to guess, and changing them frequently). Every device connected to the network needs to be monitored, and ones suspected of being attacked, quarantined (disconnected) to keep the network secure.
Tools and technology like malware protection and network monitoring should always be a part of your cybersecurity plan. People can also play a role, by reporting possible attacks and sharing information. To learn more about refining your strategy for network security, contact us today.