For consumers

GUEST ESSAY: Best practices checklists each individual computer user still needs to follow

By Peter Stelzhammer

In the days of non-stop attacks on personal and work devices, the common day consumer wouldn’t know where to begin in order to protect their devices.

The rise of attacks is unavoidable and with the everyday announcement of a new strain of malware, ransomware and now data wipers, consumers find themselves asking: where do I start? How do I do this?

Whether you are focused on your home computer, work laptop or business operating system as a whole, it’s important to learn the key steps you can take to ensure your defenses are active and up to date.

Update checklist

•Use and keep your security software (i.e. anti-virus program) up to date and turned on. Many users switch off their real-time protection to gain some speed, but safety should come before. We strongly recommend making sure that you use the latest version of the anti-virus software, and for that matter of any software that you are using on your computer. Newest versions come with improved and additional features to enhance software capability.

•Keep your firewall turned on. Software based firewalls are widely recommended for single computers, while hardware firewalls are typically provided with routers for networks. Some operating systems provide native software firewalls (such as Windows OS). For Microsoft Windows home users we recommend using the firewall in its default settings.

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

By Den Jones

Ransomware? I think you may have heard of it, isn’t the news full of it? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020.

The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor. In fact, Colonial Pipeline shut down, causing major problems at the gas pumps for days.

When these ransomware attacks occurred, RiskyBiz podcast host Patrick Grey commented that the U.S. would respond: “Don’t take away our gas or burgers.” What an outstanding response! And, he’s not wrong. When supply chain attacks start impacting everyone’s daily life, it becomes very real for us all.

Ransomware is likely going to be here for years to come. It’s such a big industry that Ransomware-as-a-Service (RaaS) actually offers criminals customer service and tech support. This means it’s now a commoditized industry leveraging backend services and capabilities all built for scale.

Best practices

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks:

•Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. As an enterprise security team, you could restrict internet access at your egress points, but this doesn’t do much when the workforce is remote.

GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do

By Julia O’Toole

Passwords have become ubiquitous with digital. Yet most people don’t know how to use them properly. The humble password is nothing more than a digital key that opens a door.

People use keys to open their house, office, garage or car. And they use passwords to open a device, a system, an account, a file and so on.

But the similarities stop here. In the physical world, people are not required to make their own keys; keys are given to them by a landlord, a locksmith, or an employer. Whereas in the digital world, people are required to make their own passwords, which they then have to remember and type every time.

Which begs the question: why do people create their own passwords? In truth they don’t need to. Just as they don’t need to hammer their own keys. All they need is to receive, retrieve and use them.

Cybersecurity’s blindspot

This misunderstanding has real implications for companies as it takes away their ability to be cybersecure. From the moment companies let their employees create their own passwords, they transfer their network command and control, financial risks and liabilities to their employees.

GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed

By Jack Koziol

In a recent survey of US-based CEOs, talent shortages and cybersecurity were listed as two of the top five business concerns in 2022.

Related: Cultivating ‘human sensors’

They may not entirely realize that when compounded, these two concerns could pose a critical security threat for their organization.

CEOs who are looking to secure their data and build a cyber-resilient infrastructure are facing a quadruple whammy:

•Expanding their digital infrastructure faster than they can secure it,

•Combatting record numbers of cyber incidents,

•Struggling to fill open cybersecurity roles, with now 600,000 unfilled cybersecurity roles in the U.S., and

•Losing the security talent that they do have to what has been called the Great Resignation.

The bottom line: organizations with unfilled cybersecurity roles are leaving themselves vulnerable to the growing number of cyber threats.

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

By Ryan C. Nerney

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances.

Individuals who possess security clearances are not prohibited from traveling to foreign countries; however, there are certain acts and behaviors that may raise foreign influence and/or foreign preference concerns.

Under Guideline B of the security clearance adjudicative guidelines, the United States government is concerned with any potential for foreign influence. This includes contact with foreign nationals or obtaining financial or property interests in a foreign country, that could create a heightened risk for foreign exploitation.

First, there are reporting requirements which indicate that any foreign travel, aid, logistics, obtaining property in a foreign country, or other such activity must be reported to one’s security officer.

It is common for people to want to expand their financial portfolios, sometimes including investments overseas; however, that possesses a security concern as any foreign assets may be used to exert pressure or influence over individuals who possess a security clearance. in order to persuade them to divulge U.S. national security secrets.

BEST PRACTICES: Blunting ‘BEC’ capers that continue to target, devastate SMBs and enterprises

By John WIlson

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes.

Related: Deploying human sensors

But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? The short answer: Not always

The reason is the rise in business email compromise (BEC) schemes. This type of targeted phishing or whaling (executive-level) attack tricks email recipients into believing someone they know and trust is asking them to carry out a specific financial task. Here are a few examples of how these insidious campaigns use the power of human relationships to defraud businesses via email:

Scenario 1. A CFO receives an urgent email request from the CEO asking her to pay a supplier invoice immediately. The CFO commonly carries out such tasks and arranges a wire transfer using the account information provided on the invoice. In actuality, the request is coming from a BEC fraud ring, and the payment details direct the funds to an account controlled by the attackers.

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

By Don Boian

Cyberattacks preceded Russia’s invasion of Ukraine, and these attacks continue today as the war unfolds. As the United States and other nations condemn Russia’s actions, the odds of Russian cyber actors targeting the U.S., allied countries, and businesses steadily increases.

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate.

Each of these organizations performs cyber operations for various reasons. The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Some Russian cyber actors may gather intelligence while others are financially motivated.

Cybercrime is big business as global losses to ransomware are projected to reach $42 billion within the next two years.The economic sanctions that many nations have put in place to influence Russia will most likely trigger an increase in the illicit business of cybercrime to help offset losses to what was legitimate trade.

Cyber attack targets

Russia isn’t the only cyber actor increasing its pace of cyber operations during this time. While the world focuses on Ukraine, other state actors have increased actions to penetrate government and private sector organizations. While you might think that these actors are interested in government and defense information, their operations prove they are interested in much more – including software development and information technology, data analytics, and logistics.

Older Articles »

The Last Watchdog