Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) released a warning advisory regarding ransomware activity targeting health care facilities, calling the attacks “an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers.” While this news is particularly troubling in light of the potential impact to human life amidst the COVID-19 pandemic, ransomware attacks have been on the rise across all sectors and are becoming increasingly difficult to combat.
At GraVoc, we’ve had the unfortunate circumstance of witnessing some of our own customers fall victim to ransomware in the past, so we are writing to highlight a few of the important measures all businesses should be taking to protect themselves:
Develop a disaster recovery/business continuity and incident response plan –
These plans should identify your mission-critical business functions and steps to recover and resume those functions in the event of a disaster and/or cybersecurity event.
Ensure critical systems and data are backed up –
Backups should be both local and offsite. Ideally, your most critical backups should be physically and logically segregated from the rest of your network.
Provide security awareness training to employees –
With phishing and other social engineering tactics at the root of most attacks, one of your business’s best defenses against ransomware and other cybersecurity threats is a well-educated employee.
Keep systems patched and up-to-date –
Most ransomware attacks exploit unpatched, out-of-date systems and software. Keeping your systems up-to-date with the latest security patches reduces your organization’s attack surface and the likelihood of a successful attack.
Use strong, unique passwords and multi-factor authentication –
Credential theft and password cracking are one of the main techniques attackers use to gain entry into your organization’s network infrastructure. Using strong passwords, avoiding use of the same password on multiple systems, and adding controls like multi-factor authentication help prevent attackers from gaining entry to your network in the first place.
This is by no means an exhaustive list. A more comprehensive overview of controls and countermeasures is provided in the CISA’s Ransomware Guide released last month. As always, we are happy to assist you and your organization to address business challenges like this one however we can.
The NSA Cybersecurity Guide for Remote Workers
In this blog post, we cover a few key recommendations for remote workers from the NSA guide, ‘Best Practices for Securing Your Home Network.’
GraVoc Recognized on CRN’s 2023 MSP 500 List
CRN®, a brand of The Channel Company, has named GraVoc to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2023!
The Cybersecurity Implications of ChatGPT
Is ChatGPT a security risk? In this blog post, we explore the cybersecurity implications of ChatGPT, including the benefits and challenges.