In recent times we have all been made well aware of ransomware cyberattacks like Wannacry and Petya locking down files of major corporations and demanding a ransom be paid to unlock them. In the current era where computers are commonly used in all aspects of our daily lives, it’s not hard to understand why cyber-attacks are becoming more sophisticated and successful.
In the aftermath of these worldwide cyber-attacks we have all updated our antivirus software and crossed our fingers that we will be OK. But regardless of the barriers that we put in place, Cyber-attackers need only one thing to open the gate to let in their malicious software and that is you, the user.
Ransomware/malware generally relies on a user to click on a link or load a file from a USB connected device that will download a malicious payload onto their network connected desktop machine. Once the malware is deployed, the attacker uses the desktop that they now control to gain further access into the network. Their ultimate goal is to gain administrator privileges giving them access to the entire network.
As users, we need to change our own behaviour to become the first line of defence against cyber-attacks and not the weakest link in the chain. Any organisation that can achieve this, will be driving a cyber-security aware culture that represents an opportunity to reduce cyber security incidents at the start of the attack chain.
Knowledge and training are the key to this shift in culture. Organisations should provide regular Cyber-security awareness training for Executives and general users ensuring all users recognize phishing attacks, know how to create strong passwords and identify and respond to a cyber-security issue. Executives also need to know how to manage their online profiles, social media behavior and correct practice while travelling overseas.
User awareness, while extremely important, is only one step in the process in preventing cyber-attacks. Fortunately, there are many tools available that can further assist organisations with security. A product that we use at Macnair is Sophos Intercept X.
New Sophos Intercept X features CryptoGuard, prevents the malicious spontaneous encryption of data by all forms of ransomware — even trusted files or processes that have been hijacked. Once ransomware gets intercepted, CryptoGuard reverts your files back to their safe states. CyptoGuard stops crypto lockers in the act by detecting the ransomware attack and immediately revoking the permission to write to the disk saving your organisations valuable time and significant cost for recovery of data.
We at Macnair have found Sophos Intercept X to be simple enough for an IT generalist, while providing features and functionality advanced enough for the professional security analyst.
If need assistance with Cyber-Security or would like more information about Sophos Intercept X we would be happy to assist you.
Simply call me on 02 8814 5011 or shoot through an email to [email protected] and I’d be more than happy to answer your questions or ease your mind.
Brad Lynch | Macnair | [email protected]
www.macnair.com.au
- Five Eyes Nations Warn MSPs of Stepped-up Cybersecurity Threats - 13 July 2022
- Device as a Service (DaaS): Your Next Business model? - 14 May 2022
- 4 Ways to Strengthen Your Firm’s Cybersecurity Infrastructure to Prevent an Attack - 15 February 2022