The pandemic has brought new challenges to the world of security threats. At the same time, defending against these threats shows that the basics of cybersecurity still hold true, and we need to double down on those methods. This is especially the case as Windows 11 begins its deployment, with new sets of security concerns to come.
Malware vs Microsoft Exchange
During the year 2021, we observed a series of vulnerabilities specifically targeting Microsoft Exchange servers. Both were discovered in August. The first is called ProxyShell. It attacks servers through compromised credentials and the messaging programming interface. The second is called ProxyLogin where an attacker can bypass administrator credentials. It appeared in March but was not found until August. Both target various on-premises versions of Exchange servers dating back to 2013 versions.
Acceleration of ransomware attacks
In addition to these attacks, we continue to see that ransomware is still a threat to businesses. These attacks continue to accelerate and become more and more dangerous. Hackers have gone even further by compromising software supply chains (as a notable example, see the SolarWinds attack). The initial ransom campaign is now combined with follow-up threats to publish the target’s stolen data, and more ransom campaigns collect the data before the malware renders the PC inoperable.
The plague of reused passwords
And spear phishing continues, playing on the issues that reused passwords still plague many of us because hackers take advantage of widely publicized credential leaks. The best defense here is not to use your corporate email account to authenticate yourself on private services like grocery delivery or online shopping.
Tips to protect yourself from these attacks
To effectively fight ransomware and other attacks, you need to follow these simple steps:
- First of all, make sure your backups are intact and that you can recover your files. Most organizations don’t find out that their backups have been compromised after a ransom attack. You should have automated recovery procedures to continuously test and verify your files. Part of the challenge is that many businesses have a large online footprint, which means multi-day paybacks are no longer adequate.
- Network segmentation also limits your exposure. Your backups should be kept on separate networks and create your network segments so that contractors and other third parties can be isolated.
- User and phishing training is essential. It is a great teaching method and can help improve your safety profile. Have training that is inclusive, easily digestible by non-technical users, and collaborates across departments so it can be rolled out across the organization. It only takes one successful phishing email to hit its target and your entire network could be compromised.
- you must maintain updates and apply patches in right time. Many attacks focus on systems that are running older operating system versions, such as Windows 7 (or even XP) and those that have not applied the latest patches. An important part of patching is being able to take accurate inventories of your software and systems and determine what is obsolete and which systems are not in your inventory. Even though the vulnerabilities of Microsoft Exchange have been known for many months, there are still thousands of unpatched servers that could become their next victims. Pirates are looking for fruits on hand, and hardening those elements will help you stay on top of the fray.
- Finally, if you don’t have it yet Multifactor authentication deployed, now is the time to do it. These tools make it more difficult to compromise accounts. We continue to have information sessions to discuss issues related to the deployment of MFA. And while there are infrastructure issues for network managers and usability issues for end users, this is still one of the best defenses you can take and one of the most cost effective ways to secure your network.
The post Top Security Threats and What You Need to Do Today to Prevent Them appeared first on Nuspire.
*** This is a syndicated Security Bloggers Network blog from Nuspire, written by Josh Smith. Read the original post at: https://www.nuspire.com/blog/the-top-security-threats-and-what-you-need-to-do-today-to-prevent-them/