Since Covid-19 first reared its ugly head, there has been an accelerated move towards digitalisation, which, in turn, has led to a slew of new cyber threats.
Attackers have been quick to abuse the pandemic to increase profits by exploiting vulnerabilities in connected systems, targeting financial institutions, hospitals, government institutions, businesses and individuals.
So says Yusuph Kileo, a cyber security and digital forensics expert who operates out of Tanzania. "As we approach the festive season, the rise of attacks against financial institutions soar across the globe, due to many people buying online, and using their credit cards for Christmas shopping.”
He says websites that provide financial services or require users to key in their details need to be secure. Businesses should advise their employees to visit only those sites starting with https instead of http, as this means they are secure.
In addition, to be on safe side, it is advisable for individuals to make use of the Web Of Trust (WOT) extension embedded into certain web browsers, as this help identify malicious web sites.
Ransomware, and more ransomware
When it comes to attacks on financial institutions, ransomware remains popular among cyber crooks, and for good reason, Kileo says. Although ransomware is not a new scourge, newer variants are able to infect entire networks and cause considerable damage. “They often command exponentially higher ransoms as a result. No single organisation, no matter how large, small or remote, is immune.”
It’s not all doom and gloom, though. Kileo says there are steps companies can take to protect themselves from this threat.
“Phishing emails or malicious links are the most common method that attackers use to spread ransomware. Irrespective of the security measures that the company deploys, if a malicious link is opened, they could be compromised,” he says.
Yusuph Kileo, a cyber security and digital forensics expert from Tanzania.
This is why, to minimise the risk of human error, companies should offer continuous, ongoing training on how to recognise cyber threats, and stress to employees the importance of examining links and attachments to make sure they are legitimate, and from a reliable source. “Also, warn them of the dangers of sharing company or personal information in response to an e-mail, letter or phone call, and set up protocols for reporting suspicious activity to a designated manager.”
Furthermore, he stresses the importance of always patching and updating software. “Unpatched and unsupported operating systems are easily exploited by threat actors. Remember, the infamous WannaCry and NotPetya ransomware relied on unpatched vulnerabilities to spread around the globe, so be sure to keep your OS and all third-party apps patched with the newest updates; patch early, patch often.”
Plan ahead Next, Kileo stresses the importance of proper backup. "Be sure the backed-up data is stored on a separate offline device that is completely severed from the working network, otherwise, it’s likely to be ransomed along with your primary data.”
He says some vendors release security updates on a regular basis, but there are often 'out-of-band’ or unscheduled updates in case of emergency. “Enable automatic updates if you can, or go directly to the software vendor’s website, as malware authors like to disguise their creations as software update notifications.”
Another way to protect critical data is through network segmentation, which involves splitting the network into smaller segments. “This is typically done by business function or data type, so access can be granted to employees on the principle of least privilege. If an employee falls for a ransomware attack, segmentation can help prevent the virus from spreading throughout the network and operations.”
Also, he advises businesses to use multi-factor authentication, as this adds another level of protection.
No need to panic
You also need to have an incident response plan in place to avoid scrambling to mitigate an attack should one occur.
Says Kileo: “This is key to a swift, systematic response to help contain the damage and minimise costs. To ensure that your plan will fulfil its purpose, test the plan and put it into practice before an incident occurs. The plan should also be updated continuously as you become aware of new risks and vulnerabilities.”
Finally, when falling victim to a ransomware attack, Kileo strongly encourages organisation not to panic, but, rather, to try to identify the type of the ransomware being used and then respond to it accordingly. “Doing this can help you find the solution, as there are a number of online tools to help decrypt known ransomware.”
Share