
Cyber Risks That Just Won't Go Away

A Closer Look at Common Security Exploits that Continue to Cost Organizations
April 06, 2021

Ransomware may be making headlines, but in this webinar we will discuss the methods and vulnerabilities threat actors continue to leverage to gain unauthorized access to systems and data, which disrupts and costs organizations. Walk through attacks utilizing credential stuffing, watering holes and drive-by downloads to learn about threat actor tactics and the vulnerabilities they exploit, so you can better defend your organization against these cyber risks.

Watering Hole Attack

What is it?

Targeting groups of users by infecting websites those users commonly visit. By infecting users' computers, threat actors are able to gain access to a connected corporate network, where they can then perform a myriad of functions.

Credential Stuffing

What is it?

Threat Actors (TAs) take sets of 'spilled' credentials, e.g. those disclosed in online data breaches, and attempt to use those credentials to log into the user's unrelated account(s).
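
One way to spot this pattern in authentication logs, shown as an added example that is not material from the webinar. The event format, thresholds and sample data are constructed assumptions: a single source touching many accounts with only a try or two each is flagged, and any success among those tries marks an account whose password should be reset.

```python
from collections import defaultdict

# Constructed sample events: (source_ip, username, outcome). Not real log data.
STUFFING = [("203.0.113.7", u, "fail") for u in ("alice", "bob", "carol", "erin", "frank")]
STUFFING.append(("203.0.113.7", "dave", "ok"))   # one spilled password still worked
BRUTE = [("198.51.100.20", "admin", "fail")] * 8  # many guesses against one account
NORMAL = [("192.0.2.50", "bob", "fail"), ("192.0.2.50", "bob", "ok")]  # a user's typo
SAMPLE_EVENTS = STUFFING + BRUTE + NORMAL


def detect_credential_stuffing(events, min_users=5, max_avg_tries=2.0):
    """Flag sources that try many accounts with few attempts per account.

    Thresholds are illustrative assumptions and need tuning per environment.
    Returns {source_ip: {"users_tried": int, "compromised": [usernames]}}.
    """
    tries = defaultdict(lambda: defaultdict(int))  # ip -> username -> attempts
    successes = defaultdict(set)                   # ip -> usernames that logged in
    for ip, user, outcome in events:
        tries[ip][user] += 1
        if outcome == "ok":
            successes[ip].add(user)

    findings = {}
    for ip, per_user in tries.items():
        users_tried = len(per_user)
        if users_tried < min_users:
            continue  # too few accounts: a normal user, or brute force on one login
        avg_tries = sum(per_user.values()) / users_tried
        if avg_tries > max_avg_tries:
            continue  # repeated guessing per account is password guessing, not stuffing
        findings[ip] = {
            "users_tried": users_tried,
            # Successful logins from a flagged source: treat as compromised accounts.
            "compromised": sorted(successes[ip]),
        }
    return findings


if __name__ == "__main__":
    for ip, info in detect_credential_stuffing(SAMPLE_EVENTS).items():
        print(ip, info)
```
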

Drive By Downloads

What is it?

The unintentional download of malicious code to a user's computer or mobile device by leveraging security flaws in an application, operating system, or web browser.

How Can We Help Organizations Mitigate and Defend Against These Cyber Risks?

  1. Clean up Accounts - Eliminate every account in your Windows Domain that doesn't have a valid business purpose, including 'stale' accounts.
  2. Ditch Unnecessary Data - Understand what sensitive data is for your company and locate every instance of what you deem sensitive across both your corporate and cloud environments.
  3. Use Multifactor Authentication (MFA) - Require employees/users to provide two or more verification factors to gain access to the organization's application, online account, or VPN (e.g. password or PIN; badge or smartphone; biometric like fingerprints or voice recognition).
  4. Make Cybersecurity Everyone's Responsibility - Though words cannot protect us directly, policies, standards, and guidelines are useful in setting a standard of due care that employees can clearly understand. Set a simple, but powerful policy: 'Every employee is responsible for protecting the data entrusted to our company.'
  5. Write an Incident Response Plan - IT plays a big role and may drive most of the actions during a breach, but they cannot effectively handle response alone. Everyone in the company is a stakeholder, and every department should have a representative on the incident response (IR) team. Those key contacts should be listed in your IR plan, including those for all related services or vendors. Once you write your plan, practice it, again and again.
  6. Have a Solid Back-Up Plan - Expect to be attacked and prepare for it, not only by backing up your data, but also by having at least one offline (not connected to your network) copy of every critical system.
