Over the past several weeks, we have seen an alarming increase in successful cyber attacks across our customer base. In every case, a user’s action allowed malware to be installed that compromised the user’s account information. In most cases, accounts were used to send spam; others had files deleted. All of these organizations were lucky in that they were not caught by ransomware.
In every case, the breach could have … and should have … been prevented.
As we have discussed in past blog posts on malware and ransomware trends, impact, and prevention, a recent 3T@3 Webcast, and in our Business Guide to Ransomware, we have discussed the need for small and midsize businesses to protect themselves from this threat.
Our strategy is simple: CPR! Communicate the risks and potential impact and provide clear policies for positive behaviors. Prevent attacks by deploying technologies and multi-layered protections. Recover in the event of an attack using systems designed to help you return to normal operations quickly.
If you do not have sufficient protections in place, you are enabling a successful attack.
Looking at current and trending attack profiles, we are recommending several preventative measures:
- Upgrade your endpoint protection against malware
- Use a web filtering service
- Turn on 2 Factor Authentication (2FA) for all users with Admin rights, and preferably, for all users
- Verify that your email security settings are correct and complete
With some basic measures, you can minimize the chance of a successful attack.
For our customers we will contact you if your Admin users are not protected by 2FA and will help you set this up. You may also contact firstname.lastname@example.org for assistance.
If you are interested in learning more, check out the resources in the right column, or contact us for a no obligation session with a Cloud Advisor.