Typically, the Safety Net covers workplace safety topics and strives to provide solutions that will limit the likelihood of an employee injury. This week we focus on a safety threat of a different kind. One that can be extremely dangerous to individuals, organizations, and even governments. Battles are being fought not just in eastern Europe, but in cyberspace throughout the globe.

We need you to be hyper-vigilant. Current geopolitical events have federal, state, and private cybersecurity experts urging private, non-profit and public sector entities, as well as individuals, to assess their level of risk from a cybersecurity event. 

This heightened caution is the result of increased concern that nation-state-sponsored cyber-attacks may result from global conflict. In addition, unaffiliated threat actors may exploit the moment to undertake cyber-attacks that could result in disruption, data loss, and compromise for you and MEMIC. While there have been no specific attack scenarios at this point, there are risks that require us all to be hyper-vigilant.

The Seven Deadly Risks

1. Phishing attacks
2. Exploiting security system vulnerabilities that are behind in patching
3. Compromising administrator/user accounts due to weak passwords
4. Exposing public facing applications due to application security vulnerabilities
5. Privilege escalation attack
6. Ransomware attacks
7. Remote access attacks

An Ounce of Prevention is Worth a Pound of Cure

• The Federal Trade Commission offers several free online educational quizzes on a number of cybersecurity topics.  If you do not have a Phishing Awareness tool, consider using one that is freely available from a reputable source, like the FTC.
• Scan your network for security issues and research the recommended remediation. Plan to take corrective action according to your change management process. If you do not have a security vulnerability tool, consider downloading Nessus Essential, a free tool that will help you get started.
• Assess your public facing applications for Open Web Application Security Project (OWASP) Top 10 vulnerabilities and if present remediate according to your change management process.
• Require passphrases in place of passwords for administrator and other high-profile accounts by requiring a minimum password length of 15 characters consisting of at least one alpha-numeric, upper and lower case, and a special character.  Passphrases should be something the user can easily remember but not something they have used elsewhere. In fact, passphrases should be unique to each system. To help manage passphrases consider using a password manager application.
• Ensure that all administrator accounts and passwords are changed from published default values.
• Regularly backup critical data and maintain at least several generations in case a restore is required to combat a ransomware attack.
• Implement two-factor authentication, also known as multi-factor authentication for remote access, administrator access, and access to cloud services, for example Microsoft O365.
• Encrypt personally identifiable data on your devices hard drive using native Operating System tools, for example BitLocker for Microsoft Windows, FileVault for Mac OS, and Data Protection for iOS and iPadOS mobile devices.

Embrace the Basics

• Enable automatic updates on your device to ensure your system is kept up to date.
• Install antivirus software if not already installed.
• Use a secure web browser and avoid toolbars.
• Think before you click – the best way to avoid a cybersecurity incident is to be cautious and not click on anything suspicious. For example, an email from someone you don’t know, a file attachment or embedded link you weren’t expecting, or a sketchy website.

We ask that you exercise additional caution during these troubling times to help you avoid a potentially serious disruption. Be wary of emotional causes, for example charity scams, fake news, misinformation, and sensationalism. Threat actors are experts at stepping up their game in hopes of enticing you to click on a malicious file or website link.  Threat actors are also fluent in emotional manipulation and take advantage of current events to compromise your accounts and/or system and exploit them as part of a nefarious plan to make you a statistic. As we’ve learned since 9/11, “see something, say something” so please report anything suspicious that could compromise you or our systems.

Thanks for giving this your attention!

Posted ByJay Carter, Director, Information Security, CISSP