Cyber-attacks are on the rise in recent months as criminals take advantage of work from home arrangements and vulnerable IT systems. Read more to learn how you can protect your data and urgent counter-measures you can take.
The Canadian Centre for Cyber Security, a federal agency, recently issued an alert about a wave of compromises to computer networks in Canada. The breaches took advantage of less secure remote access services, unpatched services, and a lack of two-factor authentication.
Remote Access – Criminals are taking advantage of vulnerabilities in VPN (Virtual Private Network) and direct RDP (Remote Desktop Protocol) access to servers and workstations
2FA – Two-factor authentication means you need two pieces of evidence to gain access, such as a password and a one-time access code
Patch – An update or fix to a software bug or security vulnerability
The Centre issued this pointed advice:
The Cyber Centre is urging Canadian organizations to apply all security updates to their internet-facing services and enable 2FA for all remote access accounts. Organizations failing to apply security updates promptly and not using 2FA are exposing themselves to compromises such as information theft and ransomware.”
Your IT Managed Service Provider should deliver security patching for the systems they manage. But, they cannot patch unsupported, obsolete hardware and software such as Windows 2008, Windows 7* or legacy firewalls. (*ESU excepted)
ACTION: Contact your MSP to review and replace end-of-life systems.
It is slightly inconvenient, but essential. However, we recommend that you do not use SMS Text messages as your second factor. It is shockingly easy for criminals to take control of your cell phone number. Try AuthPoint:
ACTION: Request a quote for the implementation of AuthPoint
Every network has an “administrator” password. If a hacker gains access to this account, they have the keys to your kingdom. Ideally, your MSP will store your admin credentials in an encrypted vault, and change it when an employee with access departs. Still, hackers can continuously use computational power to try to “brute-force” this door. It is an arms race.
F12 has researched and tested a new solution that automatically changes the administrator password to a randomized and unique key every day and then stores that key in an encrypted, access-controlled system. Contact us for more information.
ACTION: Purchase Daily Administrator Password Rotation
Some security patches only become active after a full system reboot.
ACTION: Speak with your MSP to confirm your reboot/maintenance window.
Have a policy that requires security patches on non-company owned computers. Do not permit weak passwords or direct RDP (Remote Desktop Protocol) access into your network.
ACTION: Consult with your F12 Account Manager to review your policies
ACTION: Use our free cyber security risk assessment to get your instant risk score results