What You Need To Know About Cyber Threats
November 5, 2019 - by Synoptek
For much of North America, the fall means the gloves come out and so do the guns: It’s Hunting Season.
There’s a trend in Cybersecurity operations toward closing the gap between discovering a breach after the damage has been inflicted and delving deeper into the infrastructure to evaluate the “What/Where/When/How,” so the security team can advance its preemptive efforts to deter or at least contain the malicious activity. And with one report suggesting ransomware is up almost 90 percent over last year, it’s getting a bit confusing as to which side of the “hunting season” organizations are finding themselves on.
November is also a time for reflection on the potential for cyber hacking predators to step up their hunting efforts as well. Beyond the traditional “Guy Fawkes Day” antics that always mark November 5th, the FBI is once again suggesting that a possible rise in nefarious activities surrounding the date may be a precursor to the rising tide of activity around ransomware and zero-day attacks.
To stay ahead of the tracks, Synoptek suggests IT teams dig more thoroughly into the data to identify possible attack trends. Like a flock of ducks to decoys, cyber threat actors tend to follow patterns in how they approach their targets. The trick is learning how your system behaves, and what constitutes an “anomaly” within it, and that requires more than what the audit trails and firewall settings are reporting.
Just like checking the weather conditions before heading out into the wilderness to catch that unsuspecting prey, cyber threat hunters must completely understand the IT system environment, and what is happening in and to it.
That means collecting copious amounts of data from multiple sources within your system (endpoints and beyond). Because ransomware seems to be in season, security engineers, architects and threat hunters tend to agree that it’s important to collect and compare data against threat feeds to confirm the existence of known threats.
But collecting data is only part of what it takes to defend effectively against a breach. The ability to process the information for trending and further analysis, and to pivot off what is collected, can help companies, especially in the mid-market sector, set their sights on more refined defense mechanisms ahead of an incident. This shift in focus is how Cybersecurity teams are able to connect seemingly unrelated threats and understand the full scope of an attack before a crippling event spreads.
Any young man who has ventured out with the Boy Scouts knows that two-word phrase can cover a lot of ground. The same is true when preparing for the potential increase in ransomware attacks, which seem to be rising in popularity.
And while November tends to kick off the “SAD Season,” a time that usually sees elevations in boredom, anxieties associated with the onset of “Cabin Fever,” and other oft-reported motivators behind bad online behavior, recent history suggests hacktivities don’t seem to get any greater than those that occur at other times of the year.
Fact is, hackers just don’t care about your feelings! The FBI reports that Anonymous and other groups have often tipped their hands ahead of foreboding moments in the past, as with November 2011’s “Operation Fox Hunt” and “OpFacebook,” although both of those threats came to nothing. Still, it’s good to make sure you keep your powder dry and your barrel clean!
Just a few thoughts as we wax into Autumn and deeper into the woods: our friends at the FBI suggest taking a few steps to make sure our house is in order, lest we be mistaken for a target in the field:
Update and harden your system passwords. They should not be easily guessed.
IT administrators and teams should ensure common vulnerabilities and risks are patched on all systems.
Are they tuned properly? We are seeing a dramatic increase in redundant reports out of our SIEM, most of which are based on improper system configurations.
Let’s keep a vigilant watch for social engineering tactics that target sensitive information and unsuspecting clickers.
How’s our data back-up and recovery plan? Think back to that time your computer crashed but you had a hard drive to back it. Same applies here, always be prepared.
Are we maintaining copies of sensitive and proprietary data in a separate and secure location? Don’t make yourself an easy victim.
How dependent are we on public facing web servers? Consider investing in private applications.
Oh, and one more thing: be careful where you point stuff!