All Posts Tagged: cyber attack

10 tips for protecting businesses from an Anthem-style breach

David Pollino
Security

With the way cyberattacks are going, pretty soon we might all have free identity theft monitoring. Like millions of other Anthem health-care customers, I recently signed up for 24 months of monitoring following the data breach involving Anthem customer records.

The incident is another reminder to businesses of the importance of protecting networks and data. Unlike the Home Depot, Target, and other recent giant cyberattacks, this attack appears to have been an Advanced Persistent Threat, or APT.

So what is an APT attack, and how do you help protect your business against it?

APT attacks usually start with malware delivered by email or an infected website. These attacks are normally targeted at specific employees or roles. For example, the criminals send an HR employee an email from a known contact with the subject line “compensation analysis spread sheet.” The HR employee thinks the message is legitimate and opens it.

The initial goal is to gain control of a machine on the network and then use the compromised user’s username and password to log into other devices and applications on the network, a process known as “lateral movement.” The hackers search for vulnerable servers with “administrator” privileges and servers that contain data. Once they have access to the data, they begin to transfer it out of the network.

Here are 10 things business owners should consider to protect against APT attacks:

  • Install anti-virus protection on each computer and device on your network.
  • Filter emails at the server, and be particularly suspicious of email containing hyperlinks.
  • Filter Web browsing with a subscription service that continuously categorizes websites and filters dangerous and suspect sites; it can also be configured to filter “uncategorized” sites for added protection.
  • Train employees to recognize, avoid, and respond appropriately to phishing attempts.
  • Monitor outbound connections for sensitive data.
  • Block encrypted connections to unknown sites and to suspected or known malicious sites.
  • Block access to personal email, file-transfer, and data storage sites, including cloud backup.
  • Monitor your company’s databases and servers for unusual activity.
  • Enforce a policy of “least-privilege.” Users on your company’s network should have access to no more applications than their job requires.
  • Enforce two-factor authentication for administrative access to critical servers.

Have a question about security and protecting your business? Send us a comment below.


A cyber attack that’s most often a diversion

David Pollino
Security

DDoS attacks are increasingly used as a smokescreen for more devious hacking.


Alert: Scammers pose as business contacts in social media

David Pollino
Security

A new report on high-profile scams merits a quick review of ways to protect yourself and your business in social media.
