Cyber Attack Prevention for Remote Working
Best Practices for Adding Remote Access
Cybercriminals are now leveraging our global health crisis to target businesses of all sizes by launching cyberattacks and phishing campaigns to exploit us at a potential time of weakness. There have been warnings issued by government agencies related to cybercriminals targeting businesses that are turning on remote access to their systems in order to help with business continuity. Remote access is a very powerful tool but, if not implemented correctly, may result in a ransomware or cyber attack against the business. As businesses rush to close their physical operations and move to a remote workforce, the improper configuration of these remote access systems can be an easy way for cybercriminals to attack.
Follow these remote access best practices for cyber attack prevention:
1. Unless your IT resources clearly understand the risks associated with using Remote Desktop Protocol (RDP), do not allow them to install it. RDP is a highly exploitable technology that is a primary target of cybercriminals.
2. Utilize a remote control software that allows you to log in to a computer at your office.
3. Make sure the remote control software utilizes Multi Factor Authentication (MFA) so it makes it more difficult for a cybercriminal to hack into your system. MFA sends a text message to your cell phone or an app on your phone to authenticate your log in.
4. Utilize strong passwords that incorporate multiple words, numbers and special characters for the authentication for the remote control software and host computers.
5. If you are using a VPN, make sure your IT vendor has updated all the VPN software. As of just a few months ago, many VPNs had vulnerabilities that could allow a breach to occur.
6. Make sure all remote computers are running the latest versions of Windows or Mac.
7. Make sure all remote computers have anti-virus software installed and the virus definitions are up to date.
8. For Wi-Fi enabled devices, use the strongest encryption protocol available. WPA3 is the newest. At a minimum, you should be using WPA2.
9. Do not allow family members to access any device that is used to remotely access a work computer.
10. Make sure you lock the computer before you walk away from it. On a Windows computer, this can be done by pressing the “Windows” key and the letter “L” at the same time.
Cyber attack prevention is always the first step. But it’s important to be prepared for an attack, no matter how many safeguards you put in place to prevent it. One way to prepare your business for a breach is by backing up all your data. Too many times we’ve seen this not go according to plan, so follow these steps to ensure your data is protected.
1. Confirm that 100% of your data is being backed up.
2. Before you leave the office, make a backup of ALL your data. This includes patient/client databases, attachments, financial systems, images, etc. This backup should be saved to an encrypted external hard drive that is stored offsite.
3. Confirm that all your cloud data backup is up to date and all your systems are being backed up.
Phishing Attacks/Social Engineering
Cybercriminals are now leveraging the current COVID-19 crisis as a methodology to attack systems. Be extremely careful when receiving any emails related to the COVID-19 infection. These phishing emails are designed to lure you into clicking on links or attachments that may seem relevant to the current situation. In addition, heat maps that show the infection rates may direct you to a fake website that will download malicious code onto your device.
Signs of a COVID-19 phishing email may include:
A link to a heat map showing the infection areas/rates
A link to a fake government or state agency designed to look real
A link to a government or state agency with a legitimate name, but a fake hyperlink
A warning to download a document related to COVID-19
A link to a hospital or other healthcare institution
Be extremely careful regarding these types of emails and always use the link hovering technique to verify the final destination. Place your mouse over the link or image, look at the bottom left corner of your screen and ensure the URL (web address) is trustworthy.
For help implementing these cyber attack prevention best practices, please contact Black Talon Security today. We have decades of experience in cybersecurity including prevention and recovery from cyber threats. Give us a call at 800-683-3797 or send a message online.