There seems to be a shift in attack methodology. Years ago, attackers wanted it known that they hacked your company. It was a feather in their cap. The last few years we have been dealing with low and slow attacks with hackers trying to remain hidden and maintain access for as long as possible so they could steal as much intellectual property as possible. It appears now that attackers are moving back to making their hacks very public. The main difference now is that they are motivated by money, not the recognition.
Going public with a hack forces a company to react quickly and ups the attacker’s chances of getting paid money or worse, ruining your reputation. Ransomware is here and unfortunately it is getting more sophisticated. Make sure you have solid backups of your data and also make sure you have copies that are offline. We have seen attackers delete network attached storage backup data in an effort to keep companies down if no ransom is paid.
Most of us have network attached storage or file servers with disk arrays. When we want to save a file, we create a folder or use an existing one that resides on these devices. We click save and forget all about it. We need to ask questions about the data that we are storing, who has access? Is this access read access only or can they change files? Who can delete these files? A great many of us simply have folders with the permissions EVERYONE Full Access. Most of us have all our data organized neatly together so people can easily find what they need.
When attackers steal data, we need to make their job harder. Segmenting data and setting proper permissions works to limit some of the damage done if you do become a victim and also forces attackers to work harder (make more noise on the network) which often enables your administrators and security team to find them. The days of simply having a firewall and anti-virus are over. Attackers have beaten these defenses years ago. Protection is key, detection is a must. As companies, we must have network and system monitoring systems in place.
You may have heard about the recent attack on Panama law firm Mossack Fonseca, where 2.6 Terabytes of data was stolen. A whopping 11.5 million documents!
Security Information and Event Management (SIEM) systems have become essential tools in today’s cybersecurity landscape.…
Today, organizations need a cybersecurity tool that will offer detection and response, among other services,…
The threat vectors in cybersecurity are increasing, and cyber attackers are targeting small businesses due…
Sophisticated cyber threats have driven the demand for Endpoint Detection and Response (EDR) software, making…
With cyber threats increasing in sophistication, businesses are under pressure to try and stay ahead…
Cybersecurity has become an ever-critical concern for businesses of all sizes. In 2025, as remote…