With the executive order signed, leading industry standards organizations should be heavily involved to help apply standards and regulations to make sure all connected devices have a proper level of security to create a secure ecosystem and prevent further critical infrastructure attacks.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Hackers published one million stolen credit cards on the dark web to attract cybercriminals to their recently launched carding site. Up to 50% of the cards are active.
The only way to keep a company’s defense up-to-date against ransomware attacks is with constant proactive activity from well-engineered cybersecurity teams.
T-Mobile appears to have suffered a devastating data breach as a reported 100 million records have appeared for sale on a dark web forum. The customer data is about as sensitive as possible, containing accurate Social Security and driver's license numbers.
Fake vaccine certificates have been available for some time, but the market has picked up significant steam as the concept of "vaccine passports" has spread to domestic life and everyday activities.
To stop a ransomware attack, you need the capability to detect threats and take action against them before they ever impact your business. Utilizing services such as extended detection and response (XDR) can provide round-the-clock monitoring from a team of cybersecurity experts.
Accenture said the LockBit ransomware attack that reportedly encrypted at least 2,500 computers and leaked 6 terabytes of data had no impact on its operations.
Far from sensationalizing ransomware attacks, our response should be to return to the basics of cybersecurity. This requires a converged IT-OT security strategy to limit damage and protect valuable assets.
As part of the Biden administration's ongoing infrastructure bill project, which looks to commit trillions of dollars to addressing longtime issues with the country's vital utilities, $1.9 billion has been proposed for cybersecurity funding.
Ransomware has quickly grown from an annoyance to a life-threatening problem plaguing organizations in all industries. Organizations should address the two most common attack vectors, open RDP on the internet and the human factor.










