The Most Popular Advice From Our Month-long Daily Dose Program
The Lastline Daily Dose program has been supporting National Cyber Security Awareness Month (NCSAM) throughout October with daily advice to help individuals and organizations detect and prevent malware-based cyberattacks. We have offered a daily dose of advice on simple steps to online safety (week 1), cybersecurity in the workplace (week 2), predictions for tomorrow’s Internet (week 3), and reasons to consider a career in cybersecurity (week 4).
Daily Dose Program
Our final Daily Dose blog post presents the greatest hits—the 6 doses of advice that generated the most readership. Thank you for your interest—we hope receiving a daily dose helped you to be better prepared to fend off cyberattacks.
Popular Advice #6: Don’t let breaches go undetected for weeks or months. Here are 7 steps to speed detection.
Many organizations that experience a breach won’t learn about it for months, or even years. During that time, today’s fast-paced cyberattacks can cause significant damage to a company and its customers.
Staying up to date on the latest attack schemes and techniques, and leveraging readily available threat intelligence are among our advice for improving breach detection. Our recent blog post explores these further and offers five more tips to help enterprises quickly detect a pending or actual data breach before it causes widespread harm.
Popular Advice #5: Criminals aren’t standing still, so you can’t either – Complete a risk assessment yearly & keep security controls updated.
Our adversary is formidable, supported by organized crime and state-sponsored crime rings. Crimeware is evolving at an astonishing speed. It’s just not possible to defeat tomorrow’s threats using yesterday’s technologies. It’s surprising how many corporations are using decades-old security technologies.
There is no shortcut when it comes to cybersecurity. Too many organizations approach it as a checklist item they have to hurry through, resulting in half-baked policies and plans. Bad plans lead to bad results.
Here are some additional roadblocks to adequate, effective security that many enterprises face.
Popular Advice #4: The best defense against ransomware is a current backup that has “versioning,” which avoids restoring encrypted files.
Criminal can demand ransoms because victims are worried about losing their data. But if you have your information backed up, then the criminals lose their leverage. What makes this a bit tricky is that some of your files may already have been encrypted by the ransomware and then backed up, so if you simply restore everything from your most recent backup, some files will still be encrypted. Versioning enables you to restore earlier versions of your data before anything was encrypted. Learn more about versioned backups.
Popular Advice #3: Adding 2FA to the services that you use every day will reduce the risk of having your account compromised
This adds another level of security to yesterday’s tip about avoiding weak passwords. Two-factor authentication is a method of computer or account access control in which a user is granted access only after successfully presenting a second piece of evidence to confirm their identity, and has been demonstrated to decrease the risk of a system or personal account being compromised.
A password typically is the first factor, and the second factor is something the user knows (e.g. answer a question about where you were born), something they have (e.g. provide a code texted to your smartphone or a code generated by a token), or something they are (e.g. biometric identity such as a fingerprint or voice scan).
If you’re curious about what companies support 2FA, twofactorauth.org maintains a list online.
Popular Advice #2: Don’t be a whale – Use email gateway to flag keywords used in Business Email Compromise attacks like “payment” and “urgent”
In the Business Email Compromise (BEC) scam, criminals spoof the email of an executive to instruct someone lower in the organization to do something that benefits the criminal, like wire funds to the criminal’s account. The emails typically have a similar tone, urging secrecy and expedience. So, flagging keywords, such as “payment”, “urgent”, “sensitive”, or “secret” can help to detect this scam.
The scam also depends on spoofing the executive’s email address, typically with a domain name that is very similar to the real one, for example:
- “123abccompany.com” instead of “123abc-company.com”
- “abccornpany.com” instead of “abccompany.com’ (can you spot the difference? – using “rn” instead of “m”).
Simply double checking with the executive who is making the request, by typing their email address, not replying to the original email, is the best way to foil this scheme.
Popular Advice #1: Keep email protection high on your priority list – Most breaches are caused by malicious email attachments
Fifty-one percent of data breaches are caused by malware, and 66 percent of malware is installed via email attachments. So, email is an attack vector that must be secured.
The best and most efficient way of detecting malicious emails is to implement technology that analyzes each email and attachment to identify any suspicious or potentially malicious behavior. For example, there’s no reason why a benign attachment to an email would be programmed to change security settings or try to avoid being detected.
A recent article describes ten specific malicious email threats to help you understand how criminals are using email, and therefore what you need to do to defend yourself.
Latest posts by John Love (see all)
- Coronavirus-Themed Phishing Fears Largely Overblown, Researchers Say - May 20, 2020
- Morning Cybersecurity - May 20, 2020
- Texas regulators tamp down authority of proposed cybersecurity monitor as PUC nears vote - May 13, 2020