Cyber Warfare is Now a Daily Threat in 2021
Recent state-sponsored cyberattacks prove that cyber espionage campaigns are targeting the public and private sectors with increasing sophistication and scale. Firms, regardless of size, may find themselves in the crosshairs.
The cyberattack on SolarWinds, a Texas-based IT infrastructure software company, is the perfect example.
The U.S. government has said that Russia’s Foreign Intelligence Service was behind the Trojan horse-style attack, in which hackers infected an update to SolarWinds’ Orion cybersecurity management software with malware.
Once downloaded, the malware gave the hackers the ability to spy on their victims, including branches of the U.S. military; the U.S. departments of Defense, Treasury, Justice, Energy, and Homeland Security; and many Fortune 500 companies, to name a few. Up to 18,000 of the firm’s reported 33,000 customers were pushed these infected software updates, SolarWinds told the SEC. Because the attack went undetected for so long—an estimated nine months—security experts say it will be difficult to fully resolve and identify all of its victims.
Microsoft is also dealing with a separate, recently discovered cyberattack on its business email software.
The software giant says a Chinese government-backed hacking group is responsible for the breach that so far has claimed more than 60,000 victims. Many are small-to-medium-sized public and private sector firms that were compromised through the Microsoft Exchange platform.
So how does a firm stay safe while under the constant threat of cyberwarfare? Prevention and preparation, says TalaTek founder and managing director Baan Alsinawi.
“Establishing a risk management program is the critical first step for organizations of all sizes. It is best accomplished through an initial risk assessment where data is identified, categorized and ranked according to the perceived impact to the organization should its data be exposed, lost or stolen,” Alsinawi says. “It’s then imperative to have an incident response plan in place and a trained team ready to deploy it when needed.”
At a minimum, organizations should take the following steps to protect their data:
- Set up multifactor authentication for users accessing the network.
- Utilize access controls to manage who gets access to what data.
- Use encryption to protect data at rest and in transit.
- Enable access to secure, encrypted backups.
- Manage your vendors and partners accessing your systems.
- Establish incident response/disaster recovery and continuity of operations plans.
- Apply cybersecurity frameworks and other regulatory controls to manage and monitor systems.
It’s also important to provide regular security awareness training for every employee, regardless of title or role, to build a corporate culture of security. Many hackers gain access to corporate systems when staff click on links in phishing emails that download malware or ransomware. Having systems in place where educated employees can report suspected phishing attempts or spam can help prevent these attacks.