Unfortunately, we are living in the day and age of global conflicts spilling over into cyberspace. According to the Washington Post, on June 20, 2019, the U.S. launched cyberstrikes against the Islamic Revolutionary Guard Corps. Currently, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) is seeing a rise in spear phishing and brute force attacks.
NISC’s Cybersecurity Team has created this list of seven ways to help Members ensure their networks are secure and ready to defend against any potential future cyberattacks:
Geo IP Filtering
If there is no need for you to do business with Iran, then have those IP addresses blocked. Geo IP filtering can be found on almost any kind of device or software, such as firewalls, email services, remote sessions, etc.
Updating and Patching
Now is a good time to ensure you are running the latest and greatest patches. Be sure that firewalls, laptops, desktops, email, mobile devices, printers, etc. all have the latest patches and updates applied.
Unfortunately, antivirus software cannot catch 100% of everything, so ensure you have backups created and stored offline. Start with mission-critical machines first and work your way down to everyday machines. Best practice is to store backups offline in hard copy form to prevent potential corruption from any kind of cyberattack launched against your network.
Documenting & Logging Your Environment
Ensure that you can identify all of your assets connected to your network and verify their business case for being on the network, allowing you to quickly identify any potential threats quickly and efficiently. Also, ensure that you are logging and tracking everything that happens on your network by recording and storing logs for your firewall, DNS, DHCP, antivirus, security event and active directory, which will help point you to potential threats.
Your employees are your first and last line of defense. Make sure they understand the normal day-to-day activities of your business and have them reach out if anything seems or feels out of place. Ensure that you review your chain of command procedures with your employees. For example, when would an employee contact Information security instead of helpdesk? If an employee sees a broken door, do they contact their manager or maintenance?
In today’s cyberworld, everything is fair game, even your employees. Cybercriminals will go to extreme lengths to trick your employees into opening a hole in your network for them. Train your employees to identify signs of a potential phishing campaign. Is the spelling correct? Does the sender match the email address? Am I expecting this email? Does the email want me to click on or download something? Who should I contact if I see something malicious?
Because the CISA is reporting on seeing brute force attacks, ensure that your company policies reflect enforcing a strong password. The recommended minimum password length should be anywhere from 10-20 characters. Be sure to force a password rotation. Every 30 to 90 days is a good industry standard. Nothing frustrates a cybercriminal more than spending two months cracking a password just to have it change again.
Learn more about how NISC Cybersecurity Services can help you protect your organization from attack by training your employees, scanning for vulnerabilities, protecting your perimeter and detecting intrusions.