Chances are you don’t live in Kyiv, the capital of Ukraine, and you don’t need to worry about a rocket landing on your office. But even if you’re 6,000 miles away, you could still be beaten of Russia or his Anonymous Cyberwar fallout of enemies.
As the war progresses, the odds increase Everyone will be affected by the resulting and increasing cyberattacks. So what can you do to protect yourself?
I’ve thought about it and here are my suggestions. They may sound simple, but these recommendations could save your business.
You’ve heard it a million times: back up your systems. Well, here it is again and this time you better pay attention. Russia has released a new breed of Windows malware, HermeticWiper, which erases the data from your computers and then makes them impossible to boot. No backup? No computer.
In addition to locations in the Ukraine, companies in Latvia and Lithuania are also affected. I think it’s only a matter of time before systems around the world get corrupted – including the one in a server room near you.
The most common way for malware to get into your computers is through phishing attacks. This common method of tricking one of your employees into clicking a link or opening a file that infects your computer with ransomware or a virus still works as well as ever.
You can tell people not to open suspicious emails, but sometimes they do. While I suggest you keep trying to educate your people, you should invest in too Anti-phishing tools or services.
Have you been reluctant to update your programs or operating system because it’s too much of a hassle? I understand that, but now is not the time to hold back. I guarantee there are nice, juicy zero-day exploits just waiting to be unleashed on older software. The more up-to-date your patches are, the less likely you are to be mistreated when they arrive.
If you rely on it at the same time, say, node.js or other external programming code repositories, it’s time to lock your code. As Alan Cox, a former top Linux kernel developer, explained: “Everyone pull anything from an external repository, especially an automated one, IMHO should start full verification and change control to blocking. People are already talking about trojan stuff like js modules and python modules with anti-who-hate-them protests and traps.”
- Update or buy security software
There are many types of security programs and services. I can’t tell you exactly what you need as every business is different and has different requirements. What I can Tell them, whatever you do, you must obtain and use security programs to protect critical systems. (CSO is a good place to start for the latest information on security software.)
- Use multifactor authentication
A simple login and password is no longer enough these days. You need multifactor Authentication (MFA). Even if you’ve never used MFA on a computer, you’ve used it in real life. For example, every time you fill up at a gas pump with a credit card, you have to enter your zip code. Or if you’re withdrawing cash from an ATM, you’ll need both your bank card and your personal identification number (PIN). These transactions use both a physical factor, your card, and a knowledge factor, your zip code or PIN.
Pretty much everyone supports MFA now, and so should you. It can do a lot to protect you and your systems from harm. However, it’s not perfect. the Old-school userid/password/ and text messages are easy to crack.
Eventually you’ll want to switch to one Zero Trust security system. But that takes a lot of work. They need better security right now, and that means making the most of a quick and relatively simple security solution rather than resorting to an entirely new approach. There will be time for that when the war is over.
Let’s pray that the fighting will end sooner or later, both for ourselves and for the people caught in the middle of the real war.
Next, read the following:
Copyright © 2022 IDG Communications, Inc.
https://www.computerworld.com/article/3652569/after-russia-s-invasion-of-ukraine-its-time-to-hunker-down.html#tk.rss_all After Russia’s invasion of Ukraine, it’s time to lie down