With the Russian invasion underway as of this morning, the recent warnings of cyberattacks by the Federal Bureau of Investigation and the Department of Homeland Security to law enforcement, military and others charged with overseeing critical U.S. infrastructure has become a possible reality.
Incidents such as the shut down the Colonial Pipeline in a ransomware attack which caused gas stations to run dry along the East Coast in May 2021, the attack on JBS Foods, a major meat processor as well as the operator of ferries to Martha’s Vineyard and Nantucket have all been attributed to Russia. Not to forget that Russian government hackers allegedly hacked the Democratic National Committee and the email account of Hillary Clinton’s campaign chairman John Podesta during the 2016 presidential election.
As major infrastructure is mostly private in the US, private companies now, more than ever before, must be vigilant in protecting themselves. Cyber-attack prevention is therefore an essential part of any business or organization. Oakdale Insurance Group, LLC has compiled this quick 10 step guide to assist you in avoiding a
What is a Cyber-Attack?
Cyber-attacks are deliberate exploitation of your systems and/or network where infiltrators use malicious code to compromise your computer, logic or data and steal, leak or hold your data hostage.
Examples of common cyber-attacks and types of data breaches are:
- Identity theft, fraud, which includes extortion
- Malware, phishing, spamming, spoofing, spyware, trojans and viruses
- Stolen hardware, such as laptops or mobile devices
- Denial-of-service and distributed denial-of-service attacks
- Breach of access
- Password sniffing
- System infiltration
- Website defacement
- Private and public Web browser exploits
- Instant messaging abuse
- Intellectual property (IP) theft or unauthorized access
12 ways to prevent Cyber-Attacks:
1. Train your staff
One of the most common ways cyber criminals get access to your data is through your employees. Attackers send fraudulent emails impersonating someone in your organization and either ask for personal details or for access to certain files. Links often seem legitimate to an untrained eye and it’s easy to fall into the trap. Therefore, employee awareness is vital.
One of the most efficient ways to protect against cyberattacks and all types of data breaches is to train your employees on cyberattack prevention and inform them of current cyberattacks.
They need to:
- Check links before clicking them
- Check email addresses from the received email
- Use common sense before sending sensitive information. If a request seems odd, it probably is. It’s better to check via a phone call with the person in question before replying to a “request”
2. Keep your software and systems fully up to date
Often cyber-attacks happen because your systems or software aren’t fully up to date, leaving weaknesses. Hackers exploit these weaknesses, so cybercriminals exploit these weaknesses to gain access to your network. Once they are in – it’s often too late to take preventative action. To counteract this, it’s smart to invest in a patch management system that will manage all software and system updates, keeping your system resilient and up to date.
3. Ensure Endpoint Protection
Endpoint protection protects networks that are remotely bridged to devices. Mobile devices, tablets and laptops that are connected to corporate networks give access paths to security threats. These paths need protected with specific endpoint protection software.
4. Install a Firewall
There are so many different types of sophisticated data breaches and new ones surface every day and even make comebacks. Putting your network behind a firewall is one of the most effective ways to defend yourself from any cyber-attack. A firewall system will block any brute force attacks made on your network and/or systems before it can do any damage, something we can help you with.
5. Backup your data
In the event of a disaster (often a cyber-attack) you must have your data backed up to avoid serious downtime, loss of data and serious financial loss. Additionally, making sure that you back-up your entire drive is essential so you can copy the information to another machine and able to restart operations with very little down time.
6. Control access to your systems
Believe it or not, one of the attacks that you can receive on your systems can be physical, having control over who can access your network is important. Somebody can simply walk into your office or enterprise and plug in a USB key containing infected files into one of your computers allowing them access to your entire network or infect it. It’s essential to control who has access to your computers. Having a perimeter security system installed is a very good way to stop cybercrime as much as break ins.
7. Wireless Security
Who doesn’t have a wireless enabled device these days? And that’s exactly the danger, any device could get infected by connecting to a network, if this infected device then connects to your business network your entire system is at serious risk. Securing your wireless networks and hiding them is one of the safest things you can do for you systems. With developing more and more everyday there’s thousands of devices that can connect to your network and compromise you.
8. Employee personal accounts
Every employee needs their own login for every application and program. Several users connecting under the same credentials can put your business at risk. Having separate logins for each staff member will help you reduce the number of attack fronts. Users only log in once each day and will only use their own set of logins. Greater security isn’t the only benefit, you’ll also get improved usability.
9. Access Management
One of the risks as a business owner and having employees is them installing software on business owned devices that could compromise your systems. Having managed admin rights and blocking your staff installing or even accessing certain data on your network is beneficial to your security. It’s your business, protect it!
Having the same password setup for everything can be dangerous. Once a hacker figures out your password, they now have access to everything in your system and any application you use. Having different passwords setup for every application you use is a real benefit to your security and changing them often will maintain a high level of protection against external and internal threats.
11. Two-Factor Authentication
What seems to be one of the most painful items to use, is also a pain for malicious attackers. Having two-factor authentication turned on for important logins and systems is one of the smartest ways to protect against anyone being able to hack your password.
12. Have a Response Plan
Make sure you have a protocol in place to guide your employees through a cyberattack. The plan should include the various levels of attack and should include information of who to contact in case of a breach. Don’t forget that informing law enforcement not only assists you in your cybersecurity insurance claim but also alerts others of to deter the same happening to them.
How can Oakdale Insurance help with Cyber Coverage
A cyberattack does not always mean that a business will end in disaster. How a company manages the attack always determines the outcome. Oakdale Insurance is an agency that is unique as we are poised and focused in helping client’s cyber risk mitigation successfully. Our team is a dedicated who assist policyholders at finding the right coverage. They coordinate with carefully selected carriers that specialize in assisting businesses when they are compromised.
Any cyber policy must also include indemnification of losses from lawsuits or regulatory actions. A well thought out plan and a well-coordinated breach response can reduce such risk, but it can never be completely eliminated. Working with claims teams that assist in defending clients in the developing and evolving legal arena of privacy class actions and regulatory investigations arising from cyber breaches, Oakdale has teamed itself with carriers that know these risks and how to manage them. Give us a call to understand how we can help you gain coverage for your business.