There seems to be a shift in attack methodology. Years ago, attackers wanted it known that they hacked your company. It was a feather in their cap. The last few years we have been dealing with low and slow attacks with hackers trying to remain hidden and maintain access for as long as possible so they could steal as much intellectual property as possible. It appears now that attackers are moving back to making their hacks very public. The main difference now is that they are motivated by money, not the recognition.
Going public with a hack forces a company to react quickly and ups the attacker’s chances of getting paid money or worse, ruining your reputation. Ransomware is here and unfortunately it is getting more sophisticated. Make sure you have solid backups of your data and also make sure you have copies that are offline. We have seen attackers delete network attached storage backup data in an effort to keep companies down if no ransom is paid.
Most of us have network attached storage or file servers with disk arrays. When we want to save a file, we create a folder or use an existing one that resides on these devices. We click save and forget all about it. We need to ask questions about the data that we are storing, who has access? Is this access read access only or can they change files? Who can delete these files? A great many of us simply have folders with the permissions EVERYONE Full Access. Most of us have all our data organized neatly together so people can easily find what they need.
When attackers steal data, we need to make their job harder. Segmenting data and setting proper permissions works to limit some of the damage done if you do become a victim and also forces attackers to work harder (make more noise on the network) which often enables your administrators and security team to find them. The days of simply having a firewall and anti-virus are over. Attackers have beaten these defenses years ago. Protection is key, detection is a must. As companies, we must have network and system monitoring systems in place.
You may have heard about the recent attack on Panama law firm Mossack Fonseca, where 2.6 Terabytes of data was stolen. A whopping 11.5 million documents!
Security teams face constant pressure to detect and respond to threats faster while managing increasingly…
Security Information and Event Management systems remain fundamental to modern cybersecurity strategies, but the financial…
Organizations face mounting pressure to protect sensitive data, maintain operational continuity, and comply with increasingly…
Small business owners face an uncomfortable reality: cybercriminals view them as ideal targets. While major…
Manufacturing plants, power grids, water treatment facilities, and chemical refineries once operated in isolated networks…
Security Information and Event Management platforms promise comprehensive threat detection, centralized log management, and improved…