10 tips for protecting businesses from an Anthem-style breach

David Pollino
Posted by David Pollino
Security

With the way cyberattacks are going, pretty soon we might all have free identity theft monitoring. Like millions of other Anthem health-care customers, I recently signed up for 24 months of monitoring following the data breach involving Anthem customer records.

Side view of young, bearded businessman sitting at his desk, looking intenty at his monitor.The incident is another reminder to businesses of the importance of protecting networks and data. Unlike Home Depot, Target, and other recent giant cyberattacks, this attack appears to have been an Advanced Persistent Threat, or APT.

So what is an APT attack, and how do you help protect your business against it?

APT attacks usually start with malware delivered by email or an infected website. These attacks are normally targeted at specific employees or roles. For example, the criminals send an email with the subject line “compensation analysis spread sheet” to an HR employee from a known contact. The HR employee thinks the message is legitimate and opens it.

The goal initially is to gain control of a machine on the network, and use that compromised user’s password and username to log into other devices and applications on the network in a process known as “lateral movement.” The hackers search for vulnerable servers with “administrator” privileges and servers that contain data. Once they have access to the data, they begin to transfer it out of the network.

Here are 10 things business owners should consider to protect against APT attacks:

  • Install anti-virus protection on each computer and device on your network.
  • Filter emails at the server, and be particularly suspicious of e-mail containing hyper-links.
  • Filter Web browsing with a subscription service that will continuously categorize websites and filter dangerous and suspect sites and can also be configured to filter “uncategorized” sites for added protection.
  • Train employees to recognize, avoid, and respond appropriately to phishing attempts.
  • Monitor outbound connections for sensitive data.
  • Block encrypted connections to unknown sites and to suspected or known malicious sites.
  • Block access to personal email, file-transfer, and data storage sites, including cloud backup.
  • Monitor your company’s databases and servers for unusual activity.
  • Enforce a policy of “least-privilege.” Users on your company’s network should have access to no more applications than their job requires.
  • Enforce two-factor authentication for administrative access to critical servers.

Have a question about security and protecting your business? Send us a comment below.

Reminder: All comments are moderated prior to publication and must follow our Community Guidelines.

Submit an Idea

[contact-form-7 id="32" title="Share An Idea"]

You are leaving the Bank of the West Change Matters site. Please be aware: The website you are about to enter is not operated by Bank of the West. Bank of the West does not endorse the content of this website and makes no warranty as to the accuracy of content or functionality of this website. The privacy and security policies of the site may differ from those practiced by Bank of the West. To proceed to this website, click OK, or hit Cancel to remain on the Bank of the West Change Matters site.