Introduction
Australian businesses and consumers are bigger targets than ever for internet-based fraud, and statistics show it is on the rise. Scamwatch, the Australian government information site, reports a total loss of over $634 million in 2019.
The following are some simple ways businesses and users can protect themselves against fraudulent or malicious activity.
Education & Training
Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). The scamwatch.com.au site provides information to consumers and small businesses about how to identify and report scams and fraudulent behaviour.
Security awareness training is aimed at educating staff in how to identify suspicious communications, and actively tests and retests to ensure learning is embedded. This type of training can be applied at all levels. IT Strategic deliver specialised training in recognising and repelling targeted scam and fraudulent communications/activity. Follow our link to further Security Training and Awareness information.
Training modules are scheduled over months to progressively train your employees without reducing productivity. Employees are targeted for testing using our phishing campaign to reinforce the training. Simulated attacks reinforce training with reports to users where they have inappropriately opened malicious hyperlinks or email attachments.
In all instances, educating people to be aware of suspicious communications is the first step in repelling any email/text attacks. Staff who are suspicious of an incoming communication should be trained to raise it with IT support for an assessment.
SPAM Filter
An active email filter will protect you from commonly targeted communications. It is recommended that all businesses engage a SPAM filter to protect against not only incoming but also outgoing SPAM emails. Should a user or device become compromised, it can be used to contact clients, posing as a legitimate employee and ordering clients to pay money or provide information useful for a future attack.
These types of communication are evolving all the time, and while a SPAM filter may not stop all malicious or fraudulent attacks, it will reduce the number of attacks, reducing the risk of exposure and protecting staff and clients.
Familiarise yourself with the types of attack and how to respond.
Endpoint Security
With today’s evolving threat pattern, traditional signature-based Antivirus is no longer enough to keep your network secure and operational. We recommend Endpoint Security software that combines Next-Gen Antivirus (NGAV) with Endpoint Detection and Response (EDR) elements, which include:
Artificial Intelligence (AI) to detect and prevent both current and emerging threats, with continual updates to the platform
Real-time system monitoring instead of a traditional device scanning schedule, protecting at all times
Monitoring of processes before, during, and after execution, probing for file-less threats that do not require a file download for infection
Device Isolation and infection scope report on threats affecting multiple devices
Remediation of ransomware and other infections by rolling back devices to their pre-infection state
Dark Web Monitoring
IT Strategic focus on cyber threats that are specific to our clients’ environments. We monitor the Dark Web and criminal hacker underground for exposure of our clients’ credentials to malicious individuals.
This service is designed to help both public and private sector organisations detect and mitigate cyber threats that leverage stolen email addresses and passwords.
IT Strategic work quickly to secure compromised account(s). Our Identity Management focus is a product of our knowledge and experience in managing user and account integrity in challenging and complex environments.
Network
A computer network provides users with access to resources such as file servers, email and websites. Unauthorised access occurs when a network is compromised through a vulnerability or intentional action. There are a number of practical ways local and remote network access can be secured:
Introducing a Firewall to a network provides a method to secure, monitor and manage incoming and outgoing network traffic
Wireless Network access can be managed by enforcing and managing user authentication
Remote Access can be secured via a Virtual Private Network (VPN), encrypting traffic between a user and a resource
Configure your network to provide guest-only access for visitors rather than giving them access to your main network
Hide your Wi-Fi SSID and regularly update the password used to access the network; permitting only certain devices can also be used to limit Wi-Fi access
Backup
Data Security is critical to ensure your business can recover important files, data and operations. Disaster Recovery Planning (DRP) is a step all businesses should undertake with some regularity. The first step is to identify your assets: servers, PCs and storage. Where is all your data? Then identify how this data is currently backed up and/or managed. Consider what steps are required for the business to recover in the event of a disaster. Now, how can you improve this process?
A successful backup strategy needs to be tailored to your business needs, size and operations.
In the end, a backup is better than no backup. If you are able to access a USB drive or utilise a cloud service like Dropbox, GDrive or OneDrive, you will be able to make a copy of your data. It's not a full-featured backup, but it will allow you to return to a point in time should your system be lost.
User Identity Management
Employees are critical to business success, and managing their access to company resources should be an extension of business policy and procedures. When the business hires a new employee, that employee needs appropriate access to networks, applications, folders and files, email and calendars to perform their job. When an employee leaves or changes roles, access to business resources needs to be updated. Relevant access to business information should be maintained.
User access can be managed using centralised systems, device configuration or service user setup.
Multi-Factor Authentication or Two-Factor Authentication (MFA or 2FA) can be the easiest way to secure your mail services with Office 365 or Google. This authentication mechanism can also be applied to other technologies such as server and network access.
Network Access can be managed using centralised authentication/user management systems and can be extended with MFA/2FA services.
Password Complexity is not difficult to maintain and enforce. Using a password management application will allow you to generate, store, access and share passwords without needing to know or remember them.
Essential Eight Maturity
The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organisations mitigate cyber security incidents caused by various cyber threats. The most effective of these are known as the Essential Eight.
The Essential Eight Maturity Model provides direction to organisations seeking to secure systems, infrastructure and staff. IT Strategic help organisations to determine and improve the maturity of their implementation of the Essential Eight.
IT Strategic can assist to improve your approach to:
Application control
Patch applications
Configure Microsoft Office macro settings
User application hardening
Restrict administrative privileges
Patch operating systems
Multi-factor authentication
Daily backups
IT Strategic are available at any time to discuss what you can do to secure your users, network and environment from unauthorised access.