The world of cybersecurity is constantly evolving. With stories breaking every week regarding large-scale attacks, new regulations and government strategies, it pays to keep a watchful eye on events around the industry. Below are two security stories that caught our eye in recent weeks.
You Cannot Modernise Critical Infrastructure Without Cybersecurity
In the USA, lawmakers are debating the Bipartisan Infrastructure Framework. The $1.2 trillion framework is a key move in realising President Biden’s ‘Build Back Better’ vision. It features historic investments in clean transportation infrastructure, clean water infrastructure, universal broadband infrastructure, clean power infrastructure, remediation of legacy pollution, and resilience to the changing climate.
In implementing the Bipartisan Infrastructure Framework, America has the chance to significantly improve the cybersecurity posture of the nation’s critical infrastructure. Unfortunately, many lawmakers still seem unclear about how ransomware attacks against operators of critical infrastructure, such as the recent hacks of Colonial Pipeline and JBS, could undermine any such modernisation efforts.
To succeed in this endeavour, and to make the most of this wonderful opportunity to strengthen the country’s infrastructure, cybersecurity must be prioritised. Why spend money on strengthening the nation’s infrastructure if you are going to leave the door open for cyber-attacks? At a fundamental level, any attempt to strengthen the nation’s infrastructure should be underpinned by a comprehensive cybersecurity risk assessment. The fact that this is even up for debate shows a lack of understanding of the risks that currently exist in our increasingly digital world.
To gain a deeper understanding of the issue at hand, we suggest checking out this article by James Hayes of Tenable. The below extracts really stood out for us:
Criminal groups, foreign adversaries and even lone hackers have shown a strong appetite to target everything from the pipelines that carry fuel to the meatpacking facilities that provide food and even the water treatment plants that supply our most basic needs. And they’re making use of flaws in IT and OT technologies in order to accomplish their goals
Check out the article in full here.
Focus on the Fundamentals: 6 Steps to Defend Against Ransomware
Ransomware is a growing concern for organisations of all sizes. In a new world of remote working, the number of ransomware attacks has been on the rise. In the article we shared above, we looked at the government’s need to prioritise cybersecurity. Now, we want to look at an individual level and highlight why it’s so important for organisations to look after their own cybersecurity hygiene.
Below is a quick round-up of statements and statistics which we read recently that really grabbed our attention.
- In 2020 alone, there were more than 300 million ransomware attacks recorded, an increase of more than 60% from 2019.
- One of the most important drivers of ransomware today is the vast number of software vulnerabilities and misconfigurations that exist.
- Software vulnerabilities have become the fastest growing ransomware attack vector.
- The Ryuk ransomware group was able to propagate an attack from a single email to complete domain-wide infection in just over 24 hours using common AD misconfigurations.
- Ransomware exploits have been targeting Active Directory (AD) weaknesses to gain internal access. Because it is the centre of the security access panel, AD has been given the ominous moniker of the ‘keys to the kingdom’.
Cyber experts such as the UK National Cybersecurity Centre constantly urge organisations to look after the fundamentals. This includes conducting regular cybersecurity awareness sessions with staff, implementing multi-factor authentication throughout your organisation, segmenting your networks to contain a break-in, and performing continuous risk-based vulnerability assessment of your entire attack surface.
Ransomware is a burning issue in our industry and the time to prepare is now. To learn more we recommend checking out this article.
Securing Your Business with ActionPoint
Above, we highlighted some basic steps that an organisation can take in order to improve its security layer. But the very first step should be reaching out to an experienced IT security provider. At ActionPoint, we have vast experience at helping organisations build a more robust and secure IT infrastructure. We take a holistic view of your complete IT environment, including security, to identify areas of weakness. If you have a remote team, cybersecurity has to be prioritised.