Covid-19 has caused a seismic shift in how businesses operate. Offices have shut down, and workers have gone remote. Employees returning to offices are putting additional stress on limited resources that have shifted to some extent to supporting the work-from-home option. On one hand, IT infrastructure is struggling to cope with an increase in demand while on the other, attackers are seeking to exploit vulnerabilities in this newly expanded remote work environment.
Unauthorized software and devices and stressed and distracted workers have expanded the attack surface and left businesses exposed to a number of cyber-risks. Small and medium-sized businesses in particular are most vulnerable since a majority of them run legacy or outdated systems.
In such challenging times, management teams need to have strong oversight on the cyber-threat landscape.
Tactics To Reduce Cybersecurity Risks
An ounce of prevention is worth a pound of cure. This Benjamin Franklin axiom is not only glaringly true in pandemic times but also in the world of cybersecurity. Similar to mask wearing and hand washing, it’s important that businesses follow cyber-hygiene best practices to ensure attackers are thwarted from gaining access to your network in the first place.
Organizations can use this cybersecurity checklist as a guide to reduce their overall exposure to cyber-risks:
Patch systems on a priority.
Research has shown that for small and medium-sized enterprises, three-fourths of unpatched vulnerabilities are over a year old. It is estimated that unpatched vulnerabilities cause one in three breaches. Having a system in place to discover, test and deploy patches is a vital first step in defending against cyber-attacks. Don’t forget to isolate systems you cannot patch by restricting access to those systems.
Eliminate exposed ports and services.
There has been a surge in the use of Remote Desktop Protocol (RDP) recently owing to the pandemic. RDP ports are often exposed to the internet, which led to remote desktop accounts reportedly being hit by millions of automated attacks recently. As a security best practice, regular port scans and penetration testing must be conducted to ensure there are no unchecked vulnerabilities. Ports that are not in use must be closed, and businesses must install a firewall and monitor and filter port traffic. Research found that almost two-thirds of port attacks target only three ports. It might also be a good idea to disable SMBv1 protocol as this is widely used as a means to carry out ransomware attacks.
Protect against phishing and other email-borne attacks.
To keep the enterprise secure, employees need regular training on phishing scams and deception techniques to avoid putting the business at risk while working from home. It is also important to block potentially malicious file attachments (such as .exe, .bat, .js, .vbs, etc.) and also disable macros and Object Linking and Embedding (OLE) packages as these could launch malicious scripts.
Secure your web browser.
Even the most legitimate websites can serve up a malware-laden advertisement. This technique is known as malvertising. Use of ad blockers and end-point security can help block such unwanted ads.
Deploy a system to proactively monitor and protect endpoints.
Patching, isolation and limiting risky behavior can greatly reduce the chances of cyber-attack. But it’s also no secret that many attacks happen from zero-day threats. Hence, it’s important to monitor systems, servers and endpoints for unusual behavior. Next-generation endpoint security can help detect unauthorized behavior of users, applications, and network services and also block suspicious actions before execution.
Although nothing can guarantee absolute defense against threats, it’s important to keep a close eye on evolving cybersecurity trends and best practices to avoid unnecessary costs or business disruptions.