PROTECTING FROM CYBER ATTACKS: HERE ARE THE MAIN SOLUTIONS
As we have seen, threats types are numerous and not always easy to contain.
It is therefore clear that there cannot be a “magic wand” solution capable of defeating them all.
On the contrary, to mitigate these problems, it is necessary to put together multiple solutions in an organic way.
So let’s see the main tactics to protect yourself (as much as possible) from cyber attacks and prepare to better manage the major cyber threats:
Malware is the leading cyber threat, used in over 40% of known cyber attacks. The first defense measure in these cases is to try to intercept this problem before it starts to violate computer systems by acquiring a good anti-malware.
The market offers countless solutions for this purpose and basically all the main antivirus vendors provide good quality products.
These software, installed on every computer device (and it would be good to include mobile ones too), have the task of detecting malicious codes, but it is important to emphasize that often they can only recognize threats already present in their database.
For the correct functioning of a good anti-malware solution it is therefore essential that it is not only present on the systems, but also that it is updated regularly in order to recognize and disarm the latest threats.
In the case of ransomware, in addition to a good anti-malware product, backup remains the best solution.
The goal of the ransomware is in fact to obtain the payment of the ransom to provide the encryption key that allows the data to be recovered.
It should be remembered, however, that it is never recommended to comply with the requests of a criminal, without any guarantee, among other things, of actually obtaining the encryption key in exchange for payment.
A good backup solution, on the other hand, is the best preventive measure against this threat, allowing the company to recover its data without considering to pay any ransom.
For this solution to be effective, however, it is necessary that the backup is updated, appropriately configured and kept separate from the systems it protects (to avoid it being a victim of ransomware in turn).
- Assessments of computer systems
Computer system vulnerabilities are exploited in 16% of known attacks.
These issues include mis-configurations and installation or design defects that plague computer systems, particularly in the presence of very complex or rapidly growing networks.
Vulnerability Assessment is the periodic check of the systems in search of these problems and it is the main defense for this type of threat.
Through this check it is in fact possible to identify the systems and applications to be updated or any problems not yet known.
It is also very useful to associate a Penetration Test with the Vulnerability Assessment: with this second type of verification it is possible, in fact, to test how a possible cyber criminal could exploit the problems encountered and what damage it would be able to cause once the systems are violated.
Performing both checks has the advantage of obtaining a good picture of the company’s risk level, as well as the priorities to be assigned to remedial interventions.
Researchers, as well as criminals, continuously discover new vulnerabilities, so it is good to periodically perform these assessments: ideally every 6 months, but at least once a year.
Continuous vulnerability assesment and remediation is called Vulnerability Management and is highly recommended for critical systems or large enterprises.
- Cyber Security Awareness trainings
Phishing and Social Engineering are threats that try to exploit the only vulnerability that does not include security patches: the human factor.
The solution to this type of threats are the Cyber Security Awareness trainings, specific trainings in order to illustrate the main and most up-to-date types of threats and to learn more about how to recognize them.
It is important that these paths are provided for all personnel who use company systems, for employees, therefore, but also for collaborators and, ideally, suppliers.
The management should have a clear idea of responsibilities in the event of systems and data breaches, both of the company itself and regarding customers data.
Finally, it is a good idea to organize these courses at least once a year in order to be updated on the latest news from the cyber world and the main examples of cyber attacks.
- CDN and WAF
DDoS (Distributed Denial of Service) can be very insidious and make inoperable websites or web applications.
The first solution is to reduce the attack surface by limiting the services exposed to the Internet to a minimum or by redesigning them so that critical applications are properly shielded.
Once identified the smallest number of servers and applications that need to be exposed on the Internet, a good practice is to protect them by adopting a CDN (Content Delivery Network) system.
The CDN consists of a network of servers connected to each other to optimize the distribution of the contents of a service or web application.
The use of a CDN allows to manage the traffic load directed to web services in order to solve, among other things, any overload problems.
It is also a great way to improve the loading speed of website content, optimizing its positioning in search engines.
Another good solution is to have a Web Application Firewall (WAF), a system capable of filtering and managing traffic at the application level directed to web services.
In this way it is possible to intercept and intervene in the event of malicious requests for access to web services, also with regard to further threats in addition to DDoS.
Cyber security must in fact be considered as a continuous process in which technological, organizational and managerial elements are integrated.
Today's HOT includes 26 ransomware victims by the notorious BianLian, Mogilevich, Qilin, LockBit 3.0, RansomHouse, Trigona, Black Suit, 8Base, Medusa, ALPHV/BlackCat, Snatch, Abyss, Dunghill Leak, RansomHub,...Read More