Ten key points to tackle cyber attacks strategically
To avoid damage caused by malicious software such as ransomware, established as one of Chile's most recurring incidents, companies must implement several initiatives to strengthen their structure.
Santiago, June 06, 2023. Ransomware has been positioned as the type of cyber attack with the greatest increase in Chile and Latin America. This is stated by an Entel Ocean study, which compared this type of incident in the first semester of 2023 with the same period in 2022 and identified an attack increase of 27% in Chile. This adds to Chile's third-place position, behind Brazil and Mexico, in the amount of ransomware received to date.
Ransomware is a type of malicious software, often delivered via unsolicited phishing emails that trick users, which hijacks and blocks files or systems to prevent access. The hijacker uses encryption to turn files into hostages. When the victim pays the ransom, they supposedly receive a decryption key to release the locked systems.
With this scenario in mind, Ricardo Pulgarín, Cirion Technologies' Security Solutions Architect, explains that companies and institutions should focus on strengthening their cybersecurity framework. To this end, the expert provides 10 recommendations for strategically addressing potential threats:
- Protect recovery systems and backup data: In the event of incidents caused by individuals, ransomware or natural disasters, adopting measures that enable a quick recovery of data and systems is critical. To allow this, data must be backed up, recovery tests must be performed, and a contingency plan must be implemented to define recovery point objective (RPO) and backup frequency, as well as the recovery time objective (RTO).
- Run recovery tests: This ensures that data is available, that every resource can be recovered, and that everything is working as expected. Furthermore, the established chain of command should communicate appropriately, and group and individual accountabilities should be defined.
- Cybersecurity training and awareness: Establishing data security must be a priority for the company. Therefore, appropriate training is key for employees to understand the risks the company may be subject to and the importance of being accountable when facing potential threats.
- Define the attack surface: Organizations should know which systems, devices, and services in their environments are necessary to keep their business online and their inventory active. This will help them identify their most vulnerable areas and lay out the baseline for system recovery.
- Audit and manage the most vulnerable devices: For a comprehensive security strategy, it is essential to have controls at all of the network's critical points. There's no doubt that perimeter security is important, but for it to be effective, given users' high mobility, it must also be complemented by security on end users' devices.
- Segment the network: Segmentation can help contain malware. If a threat reaches the network, it should be blocked and prevented from moving around unchecked, thereby interrupting the collection of information. This requires splitting the network into smaller segments to enhance the flow of traffic and prevent threats from moving laterally.
- Safeguard e-mails to avoid ransomware access: In addition to safeguarding network devices, it is also imperative to ensure that email solutions run with their latest updates and that firewalls are in place.
- Expand the focus on identity: Organizations should implement two-factor authentication mechanisms for their remote users and customers, thus requiring double validation for access to the most critical information. They must also monitor usage of gateways, protocols, and network services to prevent malicious applications from finding a security breach that can be exploited by the attacker.
- Strengthen security along the entire Cyber Kill Chain: The Cyber Kill Chain model examines how cybercriminals act to achieve their goals. Potential human failure underscores the need for robust security technology and a cyber security strategy which integrates multiple controls and allows visualization of the different stages an attacker needs to cut through before being successful.
- Implement an incident response plan: A clearly defined and proven incident response plan will strongly contribute to a better outcome in case cyber attacks occur.
Cirion Technologies has a complete integrated security portfolio, with mitigation and network protection services, among others, customizable to any industry's requirements.
For additional information, visit https://www.ciriontechnologies.com/es-cl/seguridad-integrada/
About Cirion
Cirion is a leading digital infrastructure and technology provider, offering a comprehensive suite of fiber networks, connectivity, colocation, cloud infrastructure, and communications and collaboration solutions with the purpose of furthering Latin America's progress through technology. Cirion serves over 5,500 Latin America-based and multinational customers, including enterprises, government agencies, cloud service providers, wireline and wireless carriers, ISPs, and other leading businesses. Cirion owns and operates a portfolio of networks and data centers, with extensive coverage throughout the Latin American region. Learn more about Cirion at www.ciriontechnologies.com
Media Contact:
Carolina Díaz
Impronta
Tel: + 56 9 42523795
cdiaz@impronta.cl
Paulette Cartes
Impronta
Tel: + 56 9 34114971
pcartes@impronta.cl