The 2019 Threat Report produced by Sophos Labs provides an in-depth analysis of key cyber-attack trends. The report also helps the readers analyse the cybersecurity landscape and trends likely to impact the industry in 2019. Here are some key highlights:
- Prepare for ransomware attacks:The report analyses ransomware attacks (e.g. WannaCry, Dharma and SamSam) and argues that the worst manual ransomware attacks started when “the attacker discovered that an administrator had opened a hole in the firewall for a Windows computer’s remote desktop”. Using multi-factor authentication (MFA) and limiting the use of domain admin credentials to dedicated machine(s) are effective tools to prevent ransomware. We also suggest developing an incident response plan (IRP), testing it, and training staff who need to know about it.
- Attacks via IoT devices: There has been significant growth in the numbers of attacks targeting IoT devices. Simple measures such as changing the default passwords to prevent reinfection is key as attacks targeting IoT devices are not slowing down.
- Practise the fundamentals: The report emphasises the importance of returning to the basics. This includes using of password manager and multi factor authentication where available. Do not store passwords in plain text. Be mindful of clicking on unknown links or opening unknown files or messages. Be careful of what you store in "the cloud".
Privasec's Cybersecurity and PCI health checks are cost-effective and have guided our clients in increasing their cyber resilience.
- Cyber Security Health Check: As a business's reliance on technology increases, the risk of cyber-attack also increases. Privasec consultants have years of experience in determining, evaluating and managing cyber risks to improve their client's security posture. Health checks help an organisation in identifying current security strengths and weaknesses.
- PCI DSS Health Check: Achieving PCI DSS compliance can be challenging, confusing and expensive. Privasec can guide you and help you make the right choices thus minimizing your compliance costs.