Ransomware | How to prevent your organization from becoming a victim

(Ottawa) Cybercriminals have turned to a lucrative tactic, holding crucial digital files of different companies hostage until they pay hefty fees, often in hard-to-trace virtual currency.



Jim Bronskill
The Canadian Press

The federal government says that in the first six months of the year, more than half of Canadian ransomware victims were providers of critical infrastructure, including the energy, healthcare and manufacturing sectors.

Since March 2020, nearly a quarter of Canadian small businesses have suffered some sort of hostile cyber incident, according to federal officials.

The digital dilemma has prompted several cabinet ministers to advocate this week with Canadian organizations to take protective action.

Many breaches are attacks that take advantage of a network vulnerability, noted Dwayne Robinson, global director of incident response at CyberClan, which provides security services to small and medium businesses.

“I would say few of these are true targeted attacks,” Robinson said during a recent ransomware webinar in Canada.

There are some basic things businesses can do to dramatically improve their security, he added. “And it’s a little frustrating because we see the same thing over and over and over and over again. ”

The Canadian Center for Cyber ​​Security, a federal agency, has developed detailed guidelines on preventing and protecting against a ransomware attack. Here is an overview of some key recommendations:

Training – Provide security awareness training to employees to make sure they don’t click on phishing emails or open infected attachments.

Planning – Make a plan for how your organization will monitor, detect, and respond to a ransomware attack. Test the response plan with exercises.

Cyber ​​Insurance – The average cost of recovery from a ransomware attack worldwide more than doubled last year to $ 2.3 million. Take a look at insurance policies and ask yourself if they would be helpful.

Assessment – Private specialists can assess an organization’s computer systems and recommend precautions against a ransomware attack.

The federal government offers programs for operators of critical infrastructure in the areas of energy and utilities, finance, food, government, health, information and communication technologies , manufacturing, security, transportation and water.

Public Safety Canada, in collaboration with the Center for Cyber ​​Security, designed the Canadian Cyber ​​Security Tool to provide critical infrastructure organizations with an easy way to assess their cybersecurity in under an hour.

It was first offered to healthcare organizations in the summer of 2020 and is now available for all critical infrastructure sectors. Public Security says it has completed 132 assessments to date.

The ministry is also offering Canada’s Cyber ​​Resilience Review, a survey-based, field-based assessment that can take up to a day and a half. Public Safety says 110 assessments have been completed in various critical infrastructure sectors since 2013.

Security Tools – Install anti-malware and anti-virus software on devices to detect suspicious activity and secure the network with a firewall. Use strong passwords, or passphrases, to fend off so-called “brute-force” attacks that scroll through endless password possibilities.

Updates – Regularly use updates and patches to fix bugs and vulnerabilities in software, firmware, and operating systems.

Network segmentation – Dividing a network into several smaller segments can prevent ransomware from spreading throughout the network.

Respect for the principle of “least privilege” – Give employees access only to the functions and privileges necessary to perform their duties.

Random Testing – Have testers try to breach the security of a system with techniques that a hacker could use. The Bank of Canada, like many financial institutions, has a long history of protecting internal systems, including network penetration testing.

Data Backups – It is essential for an organization to have copies of data and systems in the event of an incident. Make sure that backups are stored offline, as cybercriminals can infect backups if they are connected to networks.

“Make sure your organization has multiple backups stored offline and performs the backup process frequently, to ensure that the data is as up-to-date as possible,” advises the Cyber ​​Center.

“Testing your backups is also a critical part of your backup and restore process. To ensure an additional layer of protection, you should encrypt your backups. Having a secondary backup in the cloud is also a recommended approach to improve your recoverability. ”


source site-55

Latest