5 New Year’s Resolutions to Protect Your Organization’s IT Infrastructure
The biggest and sneakiest cyberattacks that shook the digital world in 2017 highlight the need to protect your organization’s IT infrastructure.
Below are some New Year’s resolution ideas to protect your organization’s IT infrastructure based on lessons learned from the most destructive cyberattacks in 2017.
1. Update Server OS
The cyberattack called “WannaCry” highlights the need to protect your organization’s IT infrastructure by keeping the server operating system (OS) updated.
In May 2017, hundreds of thousands of computers around the world were locked out by WannaCry with a notice on the screen to pay a certain amount to unlock the compromised computers.
WannaCry is ransomware – malicious software (malware) that locks computers and asks victims to pay ransom money, usually via Bitcoin, to unlock them. Some of the victims who paid ransom money to the WannaCry attackers, however, were unable to unlock their computers, as the code of the malware was written in such a way that even the attackers themselves can’t determine which computer to unlock. Whether this is intentional or not, only the attackers know.
WannaCry is considered one of the most destructive cyberattacks in 2017 because this malware is also a “worm” – capable of spreading itself within networks without user interaction. Because of this worm-like capability, WannaCry can easily spread from one computer to another, especially those that allow file sharing.
To deploy the WannaCry malware, the attackers used “EternalBlue” – a spying tool stolen from the US National Security Agency (NSA) and leaked online. EternalBlue infection only works on computers running Microsoft operating systems, including Windows Server 2003, Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016, that have not installed Microsoft’s March 14, 2017 security update. In this update, Microsoft fixed the security vulnerabilities exploited by EternalBlue.
The WannaCry fiasco shows the importance of updating your organization’s server OS as security vulnerabilities are typically fixed by security updates.
2. Update All Other Software
The data breach in May to July this year at major credit reporting agency Equifax highlights the importance of keeping all your organization’s software up-to-date.
According to Equifax, a vulnerability in the open-source software called “Apache Struts” in its US online dispute portal web app was the cause of the massive data breach affecting 143 million Americans. The company said sensitive information of a number of Canadian and UK residents was also exposed in the data breach.
The Apache Software Foundation, a non-profit organization that manages Apache open-source software projects including Apache Struts, said that the security update fixing the vulnerability in Apache Struts referred to by Equifax had been released to the public long before the data breach.
The non-profit organization said that the majority of the breaches that came to its attention are “caused by failure to update software components that are known to be vulnerable for months or even years.”
3. Back Up Important Data
The NotPetya cyberattack in June 2017 highlights the need to back up important corporate data. Similar to WannaCry, NotPetya is also referred to as ransomware because it exhibits the characteristics of ransomware: it locks out computer users and shows a ransom note on the compromised computer’s screen.
Victims of WannaCry and NotPetya, to date, have no means to recover the data locked out by the attackers. These two destructive pieces of malware in 2017 demonstrate the need to back up important corporate data, both onsite and offsite – via the cloud.
Also in July this year, a major Canadian company was forced to pay $425,000 worth of Bitcoin to restore its computer systems after a ransomware attack. Daniel Tobok, CEO of forensics firm Cytelligence which helped in the investigation, said, “They literally had no choice but to pay.”
If your organization is prudent in backing up important data, ransomware attackers won’t have any leverage against your organization and your organization can freely opt not to pay a ransom.
4. Keep Hardware Free from Cryptocurrency Mining Malware
The rise of cryptocurrency mining malware this year as a result of the surge of the Bitcoin price highlights the need to keep your organization’s hardware free from this type of malware. Bitcoin’s price rose from $1,000 in January 2017 to $13,000 as of the end of December 2017.
In 2017, cryptocurrency malware, including Adylkuzz and Coinhive, was distributed into the wild. While Coinhive is distributed via compromised websites, Adylkuzz is distributed via computers and servers running Microsoft operating systems that have not installed Microsoft’s March 14, 2017 security update – this again shows the importance of keeping your server OS up-to-date.
These two pieces of cryptocurrency malware stealthily utilize the computing power of corporate servers to mine the cryptocurrency Monero. The price of one Monero coin rose from $13 in January 2017 to $338 as of the end of December 2017.
Cryptocurrencies such as Bitcoin and Monero need to be mined in order for the digital coins to be processed and released. The miners – referring to those who allow their computers to be used for mining – are compensated.
With Adylkuzz and Coinhive, attackers are the ones that are compensated, leaving the real owners of the compromised servers or computers blind to what’s happening. If your organization’s servers and computers are running slow, this could be a sign of cryptocurrency mining malware stealthily using your organization’s computing power.
If your organization offers goods or services to, or monitors the online behavior of, European Union (EU) residents, it has all the more reason to put in place security measures to prevent cyberattacks and data breaches.
This coming May 25th is the implementation date of the EU law called “General Data Protection Regulation (GDPR)”. This law has an “extra-territorial” component, meaning it’s applicable to all organizations, even those not based in the EU, that offer goods or services or monitor the online behavior of EU residents.
The law requires organizations to put in place security measures “from the onset of the designing of systems, rather than an addition”. In case of data breaches, the law requires organizations to notify authorities within 72 hours and to notify affected individuals without undue delay. Organizations can be fined up to €20 million or 4% of annual global turnover for breaching GDPR.
At GenX, we offer the following cybersecurity services:
- Server OS Update
- Firewall with customized configuration and rules
- Secured Virtual Private Network (VPN) for remote access
- Intrusion prevention
- Threat detection and response
- Website tracking and filtering
- Email Spam blocking
- Data loss prevention
- Complete Application control
When you need help, our team of experts is a phone call away. Call us today at (416) 920-3000.