Jan 06, 2020
DHS Issues Cyber Alert
The Department of Homeland Security has issued an alert regarding potential cyber attacks. The alert includes other threats to homeland security pertaining to Iran.
While there is no indication or warning of an imminent threat, the DHS advises to be alert and be prepared for cyber disruptions, suspicious emails, and network delays. In addition, the DHS also recommends implementing basic cyber hygiene practices such as effecting data backups and employing multi-factor authentication (MFA)
Much like with the recent Cloud Hopper attacks, MFA is simple and effective step to protect yourself.
As we outlined after the initial attack in June 2019, reusing passwords across multiple platforms greatly increases the risk from threats. To mitigate this risk, it’s imperative to use a password manager separate from the browser built-in functionality and generating unique passwords. In addition, 2FA should be in place for all platforms, especially remote management tools.
In response to the recent increase in ransomware attacks, the FBI released some cyber-defense best practices:
- Regularly back up data and verify its integrity. Ensure backups are not connected to the computers and networks they are backing up. For example, physically store them offline. Backups are critical in ransomware; if you are infected, backups may be the best way to recover your critical data.
- Focus on awareness and training. Since end-users are targeted, employees should be made aware of the threat of ransomware and how it is delivered and trained on information security principles and techniques.
- Patch the operating system, software, and firmware on devices. All endpoints should be patched as vulnerabilities are discovered. This can be made easier through a centralized patch management system.
- Ensure antivirus and anti-malware solutions are set to automatically update and that regular scans are conducted.
To learn more about the current landscape of ransomware and how you can avoid falling victim, check out Datto's State of the Channel Ransomware Report.