Foreign Cyber Attacks: Are Your Defenses Up?

Recent foreign cyber attacks, allegedly executed or backed by governments that have adversarial relationships with the United States, have made headlines.

According to a Microsoft report, Russia has conducted cyber attacks on more than 128 organizations in 42 countries that have supported Ukraine, with the U.S. seeing the most attacks. Along with government organizations, humanitarian organizations, IT companies, and energy suppliers have been targeted. According to the report, Russia’s network penetration and espionage attempts have had a 29% success rate, with 25% of the successful intrusions resulting in data being stolen.

The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury, issued a Cybersecurity Advisory regarding Maui ransomware being used by North Korea to target the Healthcare and Public Health (HPH) sector. The FBI has responded to multiple Maui ransomware incidents at HPH sector organizations dating back to May of 2021. Some of the attacks successfully encrypted servers responsible for healthcare services including, electronic health records services, diagnostic services, and more. There were also incidents of HPH services being interrupted for significant periods of time due to the ransomware attack.

These are sophisticated attacks that should get the attention of any organization, even if it doesn’t fall under any of the umbrellas targeted in these foreign cyber attack campaigns. Let these incidents serve as a reminder that there is never a time for your organization to let its guard down regarding Cyber Security. Not only do programs to mitigate the risk of an attack need to be in place, but your staff also needs thorough and reoccurring training, and your existing strategies will need to be reviewed and modified as new and more sophisticated cyber attack methods are deployed.

In the wake of these headlines, now is a great time to review some of the key elements of a reliable cyber defense plan:

Risk Assessments: Serves as the foundation for Incident Response and Contingency Planning. A cyber risk assessment identifies the potential threats to an organization factored by the impact on the organization when such an event does occur. Incident Response planning incorporates the results of risk assessments and develops a strategy for addressing likely and impactful threats.

Multi-factor Authentication (MFA): MFA is a simple and powerful way to defend against a cyber-attack. By having users validate their identity before accessing an account your organization can reduce password risk, have greater control over who accesses sensitive files and information, and improve security when people are accessing a network remotely.

Network Monitoring and Auditing: Utilizing a repeatable process to continuously monitor and audit your network will enable you to identify and mitigate risk faster.

Secure Data Backups: Be sure your data backups are thoroughly protected and encrypted, and a secondary copy is stored offsite in a protected environment

Train Users to Recognize and Report Phishing Attempts: 82% of data breaches involve human error. It’s clear that the cyber training many organizations require of their staff is not working. Consider increasing the frequency of training and be sure to test your employees’ readiness with phishing campaigns.

Tabletop Exercises. Tabletop exercises are a great way to uncover issues you may experience during a simulated scenario before a real incident happens.  These exercises allow your organization to evaluate the protection measures, preparation tactics and procedures, and mitigate gaps in a risk-free environment.

Keep Operating Systems, Software, and Firmware Up to Date:  Installing updates as soon as they are available will help minimize vulnerabilities that can be exploited. Utilize the same strategy for antivirus and antimalware software network wide.

CompliancePoint has the appropriate security programs designed to help organizations in a variety of industries plan and execute a Cyber Security strategy that mitigates their risk. Contact us today at connect@compliancepoint.com to learn how we can help your organization.