How Can Your Company Reduce The Chance Of Cyberattack?

With the attack on the Colonial Pipeline roiling gas supply chains in all of the United States, last week the Cybersecurity and Infrastructure Security Agency (CISA) hosted a call for stakeholders that offered resources for protecting businesses against a ransomware attack. Officials directed partners to the CISA’s website for resources and information.

The CISA and the FBI also released an advisory that offers best practices for preventing business disruption during an attack.

CISA and the FBI suggest businesses:

• Require multi-factor authentication for all accounts, and particularly all privileged accounts on the network.
• Use strong email filtering and user training programs to reduce the risk of phishing attacks.
• Ensure all software on the network, and particularly internet-facing software, is up to date with the latest patches. Out of date, end of life, and unpatched software for applications, operating systems, and firmware create vulnerabilities.
• Limit access to resources over networks, including restricting access to remote desktop protocols. Actors exploit protocols that are not operationally necessary but are activated by default.
• Monitor and block inbound connections from anonymized sources.
• Ensure robust segmentation between the business network and the operational technology (OT) network, including eliminating unregulated communication between the two networks.
• Identify interdependencies between the business network and the OT network that must be eliminated or strongly controlled and ensure the OT network can operate if the IT network is compromised.
• Identify the organization’s most critical data that would inhibit your organization’s ability to operate if it were encrypted by malware. Store back-ups offline, maintain golden images (a/k/a clone image, master image, base image), of critical systems and back up source code and executables.