
Holiday Hacking Season - Tips for a Carefree Holiday

According to a CBS News report, the US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory warning of an “increase in highly impactful ransomware attacks occurring on holidays and weekends in the United States.” Many offices are either closed or operating with skeleton crews during that time.

In the UK and much of Europe, August is holiday time. Families head to the beach or to the mountains or other sites for relaxation and enrichment.


ARC IT estimates that 98% of UK businesses are operating online. The biggest cybercrime targets are businesses holding personal information and those whose staff use personal devices to connect to company resources. Here are some tips to help you enjoy a stress-free vacation.




Visualize

Does this scenario sound familiar? You are settling in a lounge chair with a good book at your favorite beach retreat. The kids are playing in the sand. The weather is perfect. In fact, you think, everything is perfect. Then, the familiar tone of your mobile phone breaks the serenity of the moment. You answer…


The rest of this story can go one of two ways:

  • Scene A is a junior IT associate at your business reaching out just to put your mind at ease and let you know that everything is fine at work, and all lights are green.

  • Scene B is the same junior IT associate in a panic. Someone in the company clicked on a phishing link and the main server has been frozen. Red lights are blinking all over the computer room. Our global network has effectively been shut down. We need you to get back to work and try to get our systems back online.


Planning Ahead for IT Safety

Don’t wait until you are on holiday to manage potential phishing or ransomware attacks. Don’t let cyber criminals ruin your holidays. Perform a cybersecurity review in advance of planned time off:

  • Training of non-IT personnel - It is critical that all employees who have access to company computing resources fully understand how to spot potential malicious temptations in unsolicited emails. Offers of special discounts, new online games, and tracking of online order deliveries are all seemingly innocuous messages with links to interesting sites. These links usually lead to malicious software that will infect the network. Remember… “If you did not request it, do not click it.”

  • Off-line backup - Business-critical information should be regularly backed up to resources that cannot be accessed online. This allows for a quicker recovery should the network and servers be compromised.

  • Have an IT disaster plan - If your business falls victim to a cyber-attack, having a mitigation plan in place will help speed business recovery. The plan should list the types of vulnerabilities, how you will respond to each, and who will be responsible for various mitigation tasks.

  • Complete visibility of all traffic - You cannot protect against that which you cannot see. It is impossible to blunt an attack that you do not see coming.


Connecting Monitoring and Security Tools

There is a wide variety of specialized security tools available to stop cyberattacks before they do damage to your infrastructure or steal proprietary information. The best mitigation strategy is to stop the attack before it is embedded in network systems. Firewalls, Intrusion Protection Systems and Data Loss Protection systems are all critical tools for a robust cyber security profile. These tools should be connected to all links and should be fed 100% complete and accurate traffic information all the time.


Connecting these tools via SPAN ports is a potential liability. These ports may be convenient and cheap because they are standard equipment on many switches. However, the security vulnerabilities of these ports include:

  • Randomly dropping packets during busy times. This causes inaccurate data on actual traffic flow.

  • SPAN ports do not report all traffic - Certain packets such as runts, dropped packets, framing errors and other non-standard packets are not passed on for analysis, which results in inaccurate data for traffic analysis.

  • Limited number of ports - There are a limited number of SPAN ports on a switch. Due to the variety and persistence of network attacks, it is often necessary to deploy multiple specialized tools on links.

  • Increased switch traffic - The SPAN port makes a duplicate copy of all network traffic to send to the connected tool. SPAN does this in the switch, unnecessarily doubling internal switch traffic.


Network TAPs are the preferred alternative to SPAN port connections. TAPs are independent of the network. TAPs do not have MAC or IP addresses and thus are not seen by the network. TAPs duplicate all traffic to pass on to analysis and security tools. By providing 100% complete and accurate traffic to tools, more accurate analysis can be provided. TAPs do not add delay to the network and they are not prone to rack power issues due to embedded failsafe technology that keeps live network traffic flowing even when power is not.


Network Critical - Global TAP and Security Innovator

Network Critical is one of the first innovators in the TAP market. With the introduction of the SmartNA TAP portfolio, Network Critical introduced the concept of intelligent, permanent, consistent, independent TAPs. They have since continued to innovate, adding advanced features, electric to optic conversion, high-speed link access, and in-line TAPs.


Not all TAPs are alike. Many industry professionals think of TAPs in terms of basic link monitoring. However, just as there is a wide variety of specialized tools for network security, so are there many specialized TAPs to meet the connectivity requirements of these strategic tools.


In-line TAPs, for example, connect active tools that automatically block malicious attacks rather than simply report on such attacks. This configuration helps keep networks and information safe in real-time compared to out-of-band tools that provide reports but require human intervention to mitigate malicious activity.


July is a good time to review your security profile, update your client's IT safety training, back up critical data off-line, and review the effectiveness of security tools. Just like making sure your front door is locked and your oven is turned off before you leave for holiday, check your network security profile before leaving the office.


More information on TAP options and network security is available at www.networkcritical.com/contact-us. Enjoy your summer holidays!

