2023-08-03 06:00:28
The rapid evolution of technology is leading to an even faster expansion of smart electronic devices in our daily lives. However, this broad connectivity in turn poses a new scenario in which cybersecurity is essential.
As the reports of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), cyberattacks are up 38% in 2022 compared to the previous year, with an average of 1,168 attacks per organization per week. A trend that is also reflected in our country, with the year-on-year increase in incidents managed by INCIBE, that exceeded 118,000 cases in 2022.
And it is that the growing dependence on the Internet and new technologies is leading us to a worrying reality: no one is safe from being a victim of a cyber attack. A premise that takes on greater force given the sharing of devices and networks for work and personal use, which further expands the range of entry and reach of cybercriminals.
For this reason, Check Point Software has prepared a guide on the actions that any company should follow to minimize the consequences after being the victim of a direct or indirect cyberattack, and re-secure their data:
Contain the attack and avoid its spread: a simple way to prevent an attack from spreading to other computers in the organization is to simply isolate the source of the infection, disconnecting the affected device from all networks and connections to other computers.
Identify the vulnerability and determine its scope: Once the attack has occurred, the first step is for the cybersecurity manager to locate its origin and trace its path in order to know the extent of the vulnerability, considering not only the affected computers, but also the compromised information.
Ensure continuity of service: one of the biggest aggravating factors in the costs of cyberattacks is undoubtedly the interruption of the activity derived from them. Therefore, it is advisable to try to limit the stoppage as much as possible and try to restore the service from an operational point of view.
Report the incident to the authorities: considered as telematic crimes, a complaint can be filed with the State Security Forces and Corps through any police station or on the different web portals of these official institutions.
Assess and report damage: evaluate the possible implications in systems, information and image of the company to carry out an effective communication of what happened with clients and partners.
Some data that, according to the company’s predictions, will increase in the coming years, and may reach losses and costs that will rise up to 10 trillion dollars in 2025. In fact, these leaks can have devastating consequences for everyone involved, from individuals to companies, and even entire governments and countries, with increasing attacks fueled by the Russia-Ukraine conflict and growing hacktivism campaigns.
Faced with this situation, Check Point Software also provides the essential measures to maintain a proactive cybersecurity strategy and thus have the highest possible level of protection against any incident:
Make a security copy: Regular automation for backup creation allows companies to protect their digital assets to recover from an attack, assuming minimal data loss while avoiding additional costs such as ransom payments. Maintaining backup copies on a regular and routine basis is a very important practice to avoid further damage, as well as to be able to recover what is lost in the event of corruption or malfunction of the disk hardware.
Patch programs and solutions: Patching is a critical component in defending against ransomware attacks, as cybercriminals often look for the latest discovered exploits in available patches and then target systems that don’t already have them. Therefore, it is critical that companies ensure that all of their systems have the latest vendor patches, as this reduces the number of potential vulnerabilities within the company that an attacker can exploit.
User authentication: Accessing services like RDP with stolen user credentials is one of the favorite techniques of cybercriminals. Using strong double user authentication can make it more difficult for an attacker to use a password that they have guessed or stolen.
Reduce attack surface: With the potential high cost of a ransomware infection, prevention is the best strategy. This can be achieved by reducing the impact surface and addressing issues such as phishing messages, unpatched vulnerabilities, the correct use of remote access solutions, or mobile malware.
Implement an anti-ransomware solution: Having to encrypt all of a user’s files means that this attack leaves a unique fingerprint when executed on a system. Therefore, it is recommended that these solutions have features such as fast detection, variant identification, and automatic restoration functionalities.
Cybersecurity training and awareness: ransomware is often spread via phishing emails. It is crucial to train users on how to identify and avoid potential threats of this type. Many of today’s cyberattacks start with a message encouraging the user to click on a malicious link. Worker training is often considered one of the most important defenses an organization can deploy.
“All companies without exception must begin to give cybersecurity the importance it has. The inevitability of cyber attacks highlights the need for an adequate protection system” explains Eusebio Nieva, technical director of Check Point Software for Spain and Portugal. “However, the best strategy is one that is based on prevention, with a Zero Trust structure, helping to prevent any type of incident before it causes greater damage.”.
More information
#Victim #cyberattack #steps #follow #minimize #damage