We’re living in a world where everything is stored online, which leaves our personal information vulnerable to outside intruders if it is not appropriately protected.
In the past, a criminal faced physical barriers to your possessions, but now most of our personal information sits online, including all your banking details, and most of it is protected only by a simple password.
Even though many people have caught on to using cyber protection tools, such as two-factor authentication (2FA), to help protect their data, CMTG systems engineer Andy Green says it’s still getting easier for hackers to get past online barriers.
“There are fewer and fewer physical barriers to those who want to take our possessions or identity and those protections are easily overcome by a well-crafted phishing email in addition to other social engineering attacks,” he says.
He also warns that recovering from backups is not always possible, as hackers will also try to remove the backups.
Andy adds that everyone is at risk to some extent, especially as we quickly respond to online requests in our busy lives. “We all receive emails when we’re beyond busy and risk falling victim to someone trying to steal our password,” he says.
“It’s all too easy for an attacker to use an automated tool from the other side of the world to send millions of scam emails or to try every password in a dictionary of millions against a server that is accessible from the Internet.”
How to protect yourself from cybersecurity threats
Even when an information server isn’t immediately “visible”, it doesn’t mean it can’t be found or hacked.
“The most common vulnerabilities continue to be weak passwords and out-of-date software that has yet to be patched. Addressing both will go a long way to securing most systems,” Andy says.
Andy has seen cyberattacks of all sizes, from small incidents such as credential loss via phishing emails to large companies brought to a halt by ransomware attacks.
There are “no hard and fast rules” to avoid cybersecurity incidents – but Andy says a good starting point is applying the same logic as if a stranger on the street told you they work for Microsoft and need your password or your email will stop working.
“Most likely you’d tell them to go away but when we receive a similar message via email, we’re sometimes inclined to believe the message at face value,” he says.
“Most social engineering attacks can be mitigated by simply pausing and asking yourself, ‘Who is this person that’s contacted me? Can I be certain they are who they say they are, and do they have the authority to ask me to perform this action?’”
He adds that setting strong passwords, not reusing the same password, and restricting access to only those who need it can also help protect information.
Businesses need to go one step further
For businesses to protect their information, they need to go beyond standard antivirus software and use an endpoint detection and response (EDR) solution, such as FortiEDR, to continuously monitor end-user devices to detect and respond to cyber threats like ransomware and malware.
“Traditional antivirus software simply looks at a file and makes a decision to allow the file to run or not. That’s it, nothing more,” Andy says.
“FortiEDR makes the same quick decision but, should there be any ambiguity, it requests a second opinion from Fortinet’s Cloud Infrastructure. Assuming the result comes back as malicious, the now-running process will be terminated.
“As more companies become familiar with ransomware attacks and recover via a backup – without paying a ransom – cyber criminals first extract as much intellectual property as they can before encrypting your data,” Andy explains.
EDR counters these threats by monitoring the application for unwanted actions and remediating them in a number of ways, from automatically terminating and deleting the application to completely isolating the device and removing its ability to communicate across the network.
EDR provides a complete picture of all applications, such as Google Chrome and MYOB, communicating from devices on your network.
“Unwanted applications, or applications with known security vulnerabilities, can be blocked with ease, reducing the risk of a vulnerable application communicating across the network. Protected applications continue to work as expected, reducing the impact to the end user,” Andy explains.
“EDR also provides a suite of tools to search for dangers within the network, called threat hunting, and provides detailed reports of the activity on protected devices. Any unwanted actions can be quickly isolated and remediated.”