Ransomware ‘Gangs’ Are Maturing, So Should Your Company Cybersecurity Policies
A recent WIRED article detailed a “ransomware gang” called Conti that resides in Russia and was recently hacked by a Ukrainian organization in February 2022. While cyber attacks are quite normal in 2022, this hack of Conti unearthed more than 60,000 chat messages and revealed its multiple business units: Human Resources, administrators, coders, and researchers. The overall takeaway is ransomware gangs are now big business and you need comprehensive security policies – think Zero Trust Framework – in place to fend off attacks in a distributed SaaS business environment.
“Management at small and medium-sized companies need to know hackers are now mature business organizations, and their aim is your data and users,” says Eugene Cherish, IT Infrastructure Support at ArcherPoint. “These are enterprise-level organizations with hundreds of people employing developers, researchers, marketing, and even HR. It is crucial to know where your data and security vulnerabilities are in your organization.”
Understanding Your Company’s Threat Vectors
Companies are moving fast to identify their threat vectors, which are “paths or means by which a cybercriminal gains access through one or more of six main routes into a computer system by exploiting a route vulnerability.” See below.
- Networks – private and public Wi-Fi
- Web applications
- Remote access portals
- Mobile devices
The challenge for many IT departments is understanding all the cybersecurity threats and, of course, where data security vulnerabilities live within a company. Hackers are now targeting your workers’ data rather than attacking a firewall, and this has led to new focuses on passwords and multi-factor authentication (MFA), data backups, protecting administrator accounts and protecting your remote desktop protocol (RDP).
With the transition to SaaS environments and IT team staffing issues, data security is a big puzzle and distributed workflow – remote workforces – can increase the number of user permissions, which increases access to applications that can allow a hacker to find openings. Moreover, many hackers create an automated tool to download data if no data-lock protection policies are in place.
As hackers and cyber criminals have more luck finding your mobile device and passwords via phishing, companies are fighting back and implementing sound security policies that fall under a Zero Trust framework and are promoted by the Cybersecurity and Infrastructure Security Agency (CISA). The U.S. governmental organization, CISA, offers best practices and recommends improving security of vulnerable devices, protecting servers, enforcing multi-factor authentication (MFA), segregating internal networks – operations vs corporate – and improve monitoring and logging processes.
Endpoint Security Management
CISA recommends endpoint detection and network defense monitoring capabilities in addition to using allowlisting/denylisting, as many companies are unaware that a hack has occurred and is gathering malicious information for long periods of time.
ArcherPoint’s IT Managed Services offers a specialized concentration on security, risk mitigation, disaster recovery services, custom assessments, Azure migration and management, end point management, awareness training, and more. As a Microsoft Cloud Solution provider that’s earned numerous advanced certifications focused on the cloud, ArcherPoint can recommend products that remedy cybersecurity concerns, such as Microsoft’s Endpoint Manager.
This application offers services and tools to manage and monitor endpoints in your business environment – cell phones, tablets, point of sale units, desktop computers, virtual machines, embedded devices, or servers. This solution combines familiar services like Microsoft Intune, Configuration Manager, Desktop Analytics, co-management, and Windows Autopilot to help secure access, protect data, and respond to and manage risk. The power lies in the ability to push policies up to applications (e.g., email, CRM, or Business Central) and out to devices that are part of Endpoint Manager.
For more on endpoint management, watch our 30-minute webinar, titled, Demystifying Cybersecurity with ArcherPoint. Topics include including password health, backups, end user education, and more.