WannaCry? Well, here’s a tissue – Five Steps to Ensure Cyber Resilience

Aaah! 2022: A year of tremendous innovation and newly discovered freedom. The global rollout of 5G and 6G networks is gaining traction. The continued evolution of augmented reality means that artificial intelligence and machine learning are infiltrating almost every aspect of our daily lives, both literally and virtually. This rapid increase in computing power is vastly improving cloud infrastructure, allowing us to create even smarter devices such as autonomous cars and intelligent robots that can work alongside us in the workplace or do tasks for us at home.

According to Forbes, The Top 10 Tech Trends In 2022 Everyone Must Be Ready For Now (Marr, 2022)’: “Data is a key enabler for all of these trends. Digitization in our world today means we have enormous amounts of data available, and data has now become the number one business asset for every organization. We can use data to better understand our customers, research key trends, and get insight into what’s working inside our organizations. ” [MF1]

Uncle Ben, of Spider-Man fame, famously said, “With great power comes great responsibility”. While that may be true, the more pressing issue with this newfound power and unlimited access to data is the increased risk of data breaches and the responsibility we all have in ensuring that it is kept safe.

Cybercriminals are becoming increasingly adept at finding new ways to fool even the most enlightened of us. In recent years, a new breed of attacks has spawned, with more complex methods being used, resulting in one new ransomware attack every 11 seconds. Some strains have made history, like the WannaCry attack of May 2017, which impacted an estimated 200,000 systems globally and caused billions of dollars in damage.

So, what can you do to stop this digital disease from spreading further? The general rule of thumb suggests that organisations should concentrate their efforts on five key areas to give themselves the best chance of defence:

  1. Activate: Let’s face it, software can be expensive. It is very easy to find cracked versions of software out there and, in the process, save a quick buck. Not only is this illegal in most countries, with fines of up to $150,000, but it also offers hackers a way in by including ransomware in keygen applications or DLL files. Purchasing software legally and activating licenses legitimately may seem expensive at first, but supporting software piracy will expose your systems and can prove to be far more costly in the long run.

  1. Backup: This should be straightforward. Backups have long been the saving grace of IT personnel whenever disaster strikes. Having a robust and seamless backup strategy in place is key. What organizations don’t know is that having data in the cloud does not simply imply that it is backed up. What’s worse is that people often use cloud solutions like Dropbox or Microsoft’s One Drive as their primary backup solution. What is not so obvious is that these cloud services do not natively offer any protection and are often a means to spread infection. Microsoft states in its fine print that they do not back up your cloud data. It is always advised to confirm the vendors’ policy on backups and protection, implement best practices and, in some cases, implement specialized backup solutions such as Dropsuite for Microsoft 365.
  1. Update: The WannaCry ransomware attack famously utilized backdoors to gain access to Windows systems that were not fully up to date. In this instance, backdoors were patched by vendors before they were exploited, which is what typically happens. Only systems that had missing patches were affected – which is why it is so critical to enforce a patching policy in your organization. Making use of the IT Allies Patch Management solution, which forms part of our monitoring agent, will ensure that these loopholes are closed and add a layer of protection against breaches.

  1. Secure: Firewalls, Anti-Virus, Emergency Detection, and Response… These are all buzzwords in the data security space. Without these in place, your business is at risk of exposure. Many organizations try to cut costs by deploying free anti-virus solutions. While these do give you some basic level of protection, they do not cut it when it comes to the most advanced forms of attacks. IT Allies recently launched a cost-effective ransomware detection module for its monitoring agent, which proactively monitors all computers and servers for malicious activity. It works side by side with most endpoint protection tools and immediately isolates suspect computers before any real damage can be done. One thing is for sure: cutting costs when it comes to data security tools is high risk and should never be an option.

  1. Educate: Over 70% of business owners say that educating staff about cybersecurity is the most effective defence against an attack. Your staff are at the frontline and are the primary target for cybercriminals. Alarmingly, cyber security awareness training is generally only provided to staff if industry legislation requires it. IT Allies offers free cyber security awareness training to its SLA clients, which includes phishing simulation campaigns and training videos to help staff identify risks.

 While not foolproof, these five elements will give your business the best shot at warding off any threats. IT Allies offers a free assessment of your environment, highlighting any potential weaknesses and giving guidance on the best strategies to close the gaps. Contact us today to book your free, no-obligation consultation.