Ten key points to tackle cyber attacks strategically

Jul 7, 2023

Ten key points to tackle cyber attacks strategically

To avoid damages caused by malicious software, such as ransomware, established as one of the Chiles most recurring incidents companies must implement several initiatives to strengthen their structure.

Santiago, June 06, 2023  Ransomware has been positioned as the type of cyber attack with the greatest increase in Chile and Latin America. This is stated by an Entel Ocean study which compared this type of incident in the first semester of 2023 with the same period in 2022 and identified an attack increase of 27% in Chile. This data is included in Chiles third position, behind Brazil and Mexico, regarding the amount of ransomware received to date.

Ransomware is a type of malicious software often sent via unsolicited phishing emails, which trick users by hijacking and blocking files or systems to prevent access. The hijacker uses encryption to turn files into hostages. And when the victim pays the ransom, they supposedly receive a decryption key to release the locked systems.

With this scenario in mind, Ricardo Pulgarín, Cirion Technologies Security Solutions Architect, explains that companies and institutions should focus on strengthening their cybersecurity framework. To this end, the expert provides 10 recommendations for strategically addressing potential threats:

Protect recovery systems and backup data: In the event of incidents caused by individuals, ransomware or natural disasters, adopting measures that enable a quick recovery of data and systems is critical. To allow this, data must be backed up, recovery tests must be performed, and a contingency plan must be implemented to define recovery point objective (RPO) and backup frequency, as well as the recovery time objective (RTO).
Run recovery test runs: This ensures that data is available, that every resource can be recovered, and that everything is working as expected. Furthermore, the determined chain of command should be communicating appropriately and there should be group and individual accountabilities.
Cybersecurity training and awareness: Establishing data security must be a priority for the company. Therefore, appropriate training is key for employees to understand the risks the company may be subject to and the importance of being accountable when facing potential threats.
Define the surface of attack: Organizations should know which systems, devices, and services in their environments are necessary to maintain their business online and inventory active. This will help them identify their most vulnerable areas and lay out the baseline for system recovery.
Audit and manage the most vulnerable devices: For a comprehensive security strategy, it is essential to count on controls throughout all of the network’s critical points. There’s no doubt that perimeter security is important, but for it to be effective given users’ high mobility it must also be complemented by security in final users’ devices.
Sectorize the network: Sectorization can help contain malware. If a threat reaches the network, it should be blocked and prevented from moving around unchecked, therefore interrupting the collection of information. This requires splitting the network into smaller segments to enhance the flow of traffic and prevent threats from moving laterally.
Safeguard e-mails to avoid ransomware access: In addition to safeguarding network devices, it is also imperative to ensure that email solutions are executed with their latest updates and that firewalls are in place.
Expand the focus on identity: Organizations should implement double-factor authentication mechanisms for its remote users and customers, thus providing double validation access to the most critical information. Also, they must monitor usage of gateways, protocols, and network services to prevent malicious applications from finding a security breach that can be explored by the attacker.
Strengthen security along entire Cyber Kill Chain: The Cyber Kill Chain model examines how cybercriminals act to achieve their goals. Potential human failure underscores the need for a robust security technology and a cyber security strategy which integrates multiple controls and allows visualization of the different stages an attacker needs to cut through before being successful.
Implement an incident response plan: A clearly defined and proven incident response plan will strongly contribute to a better outcome in case cyber attacks occur.

Cirion Technologies has a complete integrated security portfolio, with mitigation and network protection services, among others, customizable to any industrys requirements.

For additional information, visit https://www.ciriontechnologies.com/es-cl/seguridad-integrada/

About Cirion

Cirion is a leading digital infrastructure and technology provider, offering a comprehensive suite of fiber networks, connectivity, colocation, cloud infrastructure, and communications and collaboration solutions with the purpose of furthering Latin Americas progress through technology. Cirion serves over 5,500 Latin America-based and multinational customers, including enterprises, government agencies, cloud service providers, wireline and wireless carriers, ISPs, and other leading businesses. Cirion owns and operates a portfolio of networks and data centers, with extensive coverage throughout the Latin American region. Learn more about Cirion at www.ciriontechnologies.com

Follow us on our Social Networks:

Media Contact:

Carolina Díaz
Impronta
Tel: + 56 9 42523795
cdiaz@impronta.cl

Paulette Cartes
Impronta
Tel: + 56 9 34114971
pcartes@impronta.cl

Cybersecurity: five critical areas companies must safeguard

May 7, 2023

Cybersecurity: five critical areas companies must safeguard

In today’s reality, where international cybercriminals use malware and ransomware to carry out attacks, companies must adopt organizational strategies centered on creating protection ecosystems which include IT security, focused on information security.

Santiago, July 04^th, 2023  Although IT security has always been a relevant aspect of companies’ operations, never has this topic been so critical. With companies and institutions rapidly advancing in their digital transformation processes, and employees working in remote or hybrid systems, security has become increasingly vulnerable.

However, the notion that this won’t happen to me is still too frequent among companies of all sizes and segments. Without going too far, according to a 2022 Gartner report, by 2025 45% of organizations worldwide will have suffered attacks on their supply chain software, thus providing hackers and malicious actors a fertile soil where they can leverage weaknesses to drive malware and ransomware attacks, to destroy infrastructures and obtain economic gain.

So, what must companies do regarding cybersecurity?

Ricardo Pulgarín, Cirion Technologies’ Security Solutions Architect, explains: Regardless of their size and business, companies must have an organizational security strategy encompassing two aspects: IT security the set of technologies, processes and practices designed for network, devices, programs and data protection and information security, such as the measures and techniques employed to control and safeguard all data handled inside the organization, ensuring that they are exposed only to the appropriate recipients; this is the area of greatest risk.

Beginning with IT security, companies must possess different protection tools to create an ecosystem which can predict and deflect attacks, detect, and contain incidents, and obtain responses to foster research and resolve the problems detected.

In Pulgaríns opinion, in a scenario where vulnerabilities can cause severe damages to a company’s operation, this ecosystem must focus on 5 key areas to prevent and address potential cyberattacks:

Development: Everything a company publishes in the web; for instance, source codes, applications, commercial web pages, corporate sites, and other developments.
Data Centers: All services except web pages, such as GPS management, biometry software, virtual machines, user authentication systems, and file repository, among others.
Connectivity: Every access channel, such as Internet, MPLS, and broadband channels, among others.
Endpoints: User devices, such as business computers and tablets, as well as corporate smartphones.
Users: They are the ones who consume the information and need to know what should be done to prevent them from being victims of hacker scams, through awareness and training on cybersecurity.

About Cirion

Follow us on our Social Networks:

Media Contact:

Carolina Díaz
Impronta
Tel: + 56 9 42523795
cdiaz@impronta.cl

Paulette Cartes
Impronta
Tel: + 56 9 34114971
pcartes@impronta.cl

CenturyLink Expands Data Center Operations in Santiago

Dec 12, 2018

CenturyLink Expands Data Center Operations in Santiago

New construction model optimizes energy and space efficiencies

SANTIAGO, Chile, Dec. 11, 2018 /PRNewswire/ — Global communications and IT provider CenturyLink, Inc. (NYSE: CTL) is expanding its broad regional offering of colocation, hosting, cloud computing, security, collaboration, communications and managed services for its existing and new customers by launching a new energy and space efficient data center in Chile.

Learn more about CenturyLink´s new data center: https://www.youtube.com/watch?v=XdeRYioFU6A

“Located in Huechuraba, north of the Chilean capital, Santiago, and in proximity to customers, the new facility has 24×7 availability, next-generation security systems and is energy and space efficient through the use of an innovative construction model,” said Gabriel del Campo, vice president, data center and security, CenturyLink Latin America. “Using a modular construction model, we were able to have the facility operational in less time — an important benefit to customers eager to take advantage of our data center services.”

Chile’s new data center integrates with CenturyLink’s 18 other data centers in Latin America, as well as the company’s broad global infrastructure, by providing direct connectivity to CenturyLink’s approximately 450,000 route miles of fiber globally.

“Our data center and managed services business is growing,” added del Campo. “We count on high quality data centers to provide our customers with the best solutions and services.”

The data center will provide customers with a processing environment designed to deliver high levels of availability, improved quality and increased speed of access to the rest of the world. The new facility also offers customers fiber route diversity for deployment of contingency environments.

Through this innovative construction model, CenturyLink was able to meet the following objectives:

Offer infrastructure in compliance with the Uptime Institute’s TIER III requirements and regulations TIA 942 and NFPA75 to ensure the level of service required by enterprise customers, in alignment with the strictest rules for next-generation data centers.
Maximize power efficiency and optimize the use of space.
Offer a seismic resistant computing center.
Reduce launch times for new data center rooms.

Key Facts:

Similar to the data center CenturyLink opened earlier this year in Quito, Ecuador, the new data center was built using a modular construction system known as eCentre, a pre-assembled facility, equipped and tested in the factory in Sweden, and customized to ensure the building meets all local structural regulations for this type of construction.
The first phase of the project consisted of a one floor 1500KW data center; however, the complete project is designed to enable vertical expansion to two floors, offering additional space for more than 120 racks on each floor.
CenturyLink’s data centers host both CenturyLink’s and customers’ environments, with a team of specialized technicians managing the environments.
CenturyLink’s data centers in Latin America received several certifications, including the Uptime Institute’s TIER III, SAP Hosting Partner, ISO/IEC 27017 and ISO/IEC 27001, reflecting its commitment to maintain the high level of quality established by international standards for data center management.
CenturyLink regularly measures and improves its data center and security services. An important part of its ongoing maintenance process includes updating and renewing the certification of its installations, the foundation for its strict information security policies, for traditional and cloud services.