Security: the evolution
Ransomware attacks have been happening more than ever before. Numerous companies have experienced this type of attack with companies such as Asco, Picanol and others having been in the media due to such horrible events. It’s not just bigger companies that deal with such attacks but smaller companies and even municipalities such as Willebroek, have had ransomware attacks. Recovery from ransomware is a very intense process that entails more than merely restoring a back-up.
Initially, internal networks used to be the norm. This network was then connected using WAN (Wide Area Network) networks. Each computer, mostly desktops, had a virus scanner that would detect something abnormal and immediately block it. This technology worked wonders for this setup.
People became more and more mobile as more laptops were being used. They would easily change WIFI networks at work and would pass on passwords to colleagues and even visitors to give them the chance to continue their work and access their documents online. Even though risks were taken, the impact would never be too big.
Consequently, A VPN client was provided to everyone, one that would be easily accessible using username and password to access the software. Opening Outlook, you could easily find all your emails and you could even access all your documents.
More mobile, less secure
Laptops became even more popular and being mobile became even more important as mobile phones introduced themselves to the world with emails suddenly being available to everyone at all times.
Originally there were no issues but as time went on people with bad intentions found new ways of getting information. Everyone who wanted to sign into their domains would use their login details from Active Directory. These accounts would afterwards be synchronized to Office 365 with the option of login into the portal.office.com. Why was this a big change? Where initially we were using our login details for our internal (company) network, we could now also use them for services (such as email) via the internet.
Passwords within our systems are extremely important but for many they are an absolute nuisance. Many people choose the easiest passwords as they are easy to remember, but this is clearly not the safest of options. This data would in many cases also be registered on the websites, websites that would get attacked by hackers.
From that moment onwards, people with bad intentions were able to compile data warehouses full of login details which led to them getting access to the VPN’s of companies. Let’s keep in mind that this wasn’t the case if a company would have been using multi-factor authentication. In the original setup you use login details to keep information secure. If you then add an extra layer based on something that you are, hackers cannot identify themselves as yourself and are therefore not able to obtain your data.
If you limit access to your network or data by using login details, everyone who knows these details could login. Adding something that you can’t obtain through hacking, such as a fingerprint or your smartphone, will create a much safer situation.
How can we protect ourselves fully against such attacks? It is a true challenge.
Multifactor authentication in Office 365 would already be a first step towards some protection. A proper backup and recovery strategy is also not to be forgotten. A company needs to be prepared for the worst. Keep in mind that data centers can also have their issues.
There’s more than the above security checks that needs to be kept in mind. The following steps can take you to a more complete protection plan:
- Review your ICT strategy and protect your (business) identity.
- Even your back-ups need protection and therefore a plan to take care of them.
- Create a recovery strategy that has passed the test.
- Execute a penetration test.
- Repeat and assess your security cycle over and over again.