How to Protect Yourself Advanced Cyber Threats in 2018
Ransomware attacks are on the rise. 2018 could see more ransomware threats happening compared to 2017.
There are some very basic things that can be done to prevent yourself from ransomware and other advanced threats. Let’s take a look:
You should see this as top in priority. The system or devices you use should be kept up-to-date. This helps prevent security vulnerabilities and ensure better functionality. Make it a point to update your OS to the latest version. Remember, the WannaCry attack and the NotPetya attack targeted Windows systems that had failed to apply a security patch. So, be very particular about patching vulnerabilities. You should also keep updating all software, including your antivirus program and other security software.
Awareness of latest threats and trends in cyber security…
Staying aware of what all is happening in the world of cyber security- about the latest trends, the latest threats, the ransomware scenario etc- is important. That helps take sufficient precautions to stay protected from vulnerabilities, threats and attacks. If you are running a business, make sure everyone involved stays aware of the latest trends and threats.
It’s a very vital part of keeping yourself safe, not just from ransomware but from all kinds of threats and attacks. Always create passwords that are strong and has nothing to do with your date of birth, anniversary dates etc, thereby making it difficult to guess. Strong passwords would have a mix of alphabets, numbers and non-alphanumerical characters. Similarly, it’s important to keep changing passwords regularly.
Staying wary of phishing emails and suspicious links…
Phishing emails (which contain links or attachments that you might click on or download) and suspicious links (links that come seeking you via Instant messenger services and chats) could bring in ransomware that have the potential to cripple your system or entire network, thereby forcing you to pay a ransom to retrieve your files and data. The best practice would be to stay wary of such phishing emails and unsolicited links. Always ensure it’s sent from a genuine source before opening it or clicking on a link. That helps stay away from ransomware attacks and other advanced threats.
Identifying, securing all your internet threat vectors
It’s very important that you identify all your internet threat vectors. Ransomware and other advanced threats don’t come via phishing emails alone. You could get infected when you are downloading songs or videos from untrusted sources. You could get infected while visiting websites that are not secured. You could get infected via applications, through devices connected remotely to your system/network, through on-site users. So the most important thing is to identify all your threat vectors and then securing them. Thus, for a company that has people logging in to the enterprise network from remote locations as well (like employees connecting from their homes via personal devices), it’s very important that the remote workforce is not forgotten and that area is also secured.
Identifying the latent threats in your system
There could be lots of latent threats in your system/network which could cause you much damage. These include emails that you have left unopened, links that you have never clicked on and applications that you haven’t ever used. You need to identify all such latent threats, for which you must scan all emails, links and applications in your system/network and then patch all vulnerabilities.
Safeguarding all attack surfaces
Each attack surface is to be safeguarded. It’s always best to safeguard your cloud and your SaaS-based apps as well (like for example Office 365). Thus it’s always best to go for a centralized security solution that managed hybrid networks and secures all attack surfaces in a comprehensive manner.
Taking special care of data and having data backup
The data at your disposal- whether it be data pertaining to your company or sensitive personal data of your customers- is one among your most valuable business assets. It’s very important that you take special care of the data at your disposal. You must monitor as to who accesses all the data that’s stored in your systems and how and when the data is used. There should be someone responsible for the data. Data backup is also important. Take a backup and keep updating it regularly. This helps when there is a ransomware attack and you lose control over all your data. You wouldn’t have to pay the hackers to get the data retrieved.
Restricting administrative and system access
Restricting administrative access to select employees and giving system access to only those people who need it (especially on those systems that deal with customers personal data etc) would help fix the security loopholes that could turn out to be entry points for hackers and threats. Moreover, some ransomware are designed in such a way that they would need the administrator account to function. Thus being careful about restricting administrative and system access would be a major step towards securing yourself from ransomware and advanced threats.
Remembering that anyone can be targeted…anytime
Today anyone can be targeted and attacks can happen anytime. It’s always good to keep in mind that you could be the next target of a ransomware criminal and that you could end up losing control over your system and data. So, it’s always good to stay prepared and do the needful to block threats and attacks.
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.