You’ve probably heard of the recent ransomware attack on the Colonial Pipeline. Luckily, they were able to recover quickly, keeping the threat of a gas shortage at bay. These attacks usually start out as a phishing attack: an urgent email comes, likely impersonating a person you trust or impersonating a government agency; you’re urged to click on a link and that’s when the Ransomware infects the computer. What this looks like is that important files on the computer are encrypted (and sometimes copied to the attacker’s computer), effectively making that data inaccessible until a ransom is paid.
Defense
Cyberattacks are costly for businesses. The best way to lower your risk is to put up multiple layers of defense, so if the attackers manage to overcome one defense, they’ll potentially be stopped by another. An example of this is to use both “endpoint protection” to protect devices and to have employees go through “phishing training,” where they learn to identify potential phishing emails.
Test Your Network
It used to be that only big companies would do “network audits,” where their networks are checked for compliance, scanned for weaknesses and/or outright “hacked” by the good guys to reveal the security holes in a companies network. As cyber attacks become more frequent, more businesses, even smaller ones, are asked (or required) by other businesses or by the government to abide by certain compliance standards; many of these standards include some sort of network audit.
Preparation
One fundamental step any business can take is to create a map of their network; this is a picture of your network, showing servers, laptops, workstations, printers, mobile devices, cameras, etc. and how they are connected together. This type of document is typically required by those performing a network audit. You can use this document as a launchpad to make more informed decisions about your IT network growth and cyber security planning.
Bouncing Back
In the unfortunate event of a ransomware attack, you’ll want to call in an “incident response” team. One of the first things they’ll ask is if there are backups of the ransomed data. If you don’t currently have a backup strategy in place, right now is a good time to get started. One of the next things an incident response team will ask for is a network map; if one does not exist, they will take the time, at an incident response billable rate, to create one so they can successfully complete their task. Time is of the essence when systems are down due to an attack; it is far wiser to have a network map current before a crisis than to have to create one during the crisis.
Takeaways
- Put up multiple layers of defense against malicious cyber attacks
- Create a network map to give IT visibility into your network
- Get a backup strategy in place to protect data in case of an attack
If you would like help creating a network map, please reach out or if you’d like more information, click here. We can scan your network and create a standards-compliant network map quickly and professionally.