If You Connect It, Protect It

October is Cybersecurity Awareness Month, follow the conversation and do your part #BeCyberSmart.

Follow us this month as we engage our health IT community in cybersecurity awareness as we are all trying to meet the new challenges of working from home and through the pandemic.

This is week 1 and the theme is If You Connect It, Protect It. We have engaged Atlantic.Net to share insights on this week’s theme.

By Chase Higbee, Lead IT Strategist, Atlantic.Net
Twitter: @AtlanticNet

Internet-connected devices have changed the world we live in. It has changed the way we shop, the way business is done, how we provide healthcare, and even how we communicate with one another. Some argue it has made the world a lot smaller and built a global community with the ability to instantaneously communicate around the planet.

There are an estimated 4.8 billion internet users at present, which makes up about 62% of the world’s population. Add to that an estimated 30 billion IoT devices, countless computers, laptops, servers, and smartphones. You can see how it’s almost impossible to forecast how many devices there are connected to the internet, but it’s safe to say there are quite a lot!

Protecting such an enormous amount of devices has become a necessary evil in the modern era because for all the wonderful things the internet has given us, there is an equal number of terrible things out there waiting. Cybersecurity is an industry that becomes more and more important as every single day passes, as the risks become greater and the reward for bad actors grows. Today more than ever, if you connect it, you must protect it.

If you connect it
As you would imagine with such an enormous digital footprint of devices globally connected to the world wide web, many people become the target of hacking communities or bad actors. Most of our lives are now digitized. By that I mean the way we go about our day-to-day lives is heavily influenced by the internet.

For example, a lot of your financial transactions happen online. You will likely be using internet banking, you will probably have a banking app on your smartphone, and you most likely send money digitally to your friends and family.

All this makes you and the device you are using a target. Now, rest assured that internet banking is an incredibly secure industry, using cutting-edge technology and authentication techniques that make the industry pretty much impenetrable. But you, on the other hand, are seen as the weak link by hackers, and therefore you become the target.

The attack methods are incredibly varied and change depending on the type of device being used, and how up-to-date the device is. If you are running a legacy laptop with Windows XP, you can expect to be at the top of the target list.

The most common attack vectors used are social engineering and phishing. Social engineering has many facets, but the end-game is for cybercriminals to take advantage of personal information that is learned about you from the internet.

Personal data is readily available from social media, but information can be gained from phone calls, texting, and baiting. Facebook has over 2.7 billion monthly users, another 1 billion use Instagram, 500 million use TikTok, 250 million use Snapchat daily, not to mention Twitter, Reddit, LinkedIn, and so on.

What these incredible figures show is that a huge percentage of the world’s population is happy to put personal information online using social media, posting updates, pictures, videos, likes, and dislikes about themselves.

Of course, there are privacy controls available on all of these platforms, and most users take control of their privacy and personal data. But there are inevitably significant numbers of users that are happy to keep their personal data as public information or users that do not understand how privacy controls work. The result is volumes of data that can be mined for information using little or no effort. This allows hackers to target individuals or businesses, building up a profile of their target.

The outcome of social engineering is usually a financial reward for the hacker, or defamation of character for the victim. However, for businesses, the risk can be much greater. Hackers use social engineering to trick employees to allow access to secure IT systems. Phishing emails, phone calls, and text messaging are used to dupe the employee that they are dealing with as a genuine customer, third party, or supplier.

Once trust is gained, the aim is to get the employee to open an email or disclose remote access information to allow malware and ransomware payloads to be loaded onto internal servers. This can result in significant downtime affecting businesses, and often extortion attempts to force payment if the business wants to unlock their files.

Protect It
We all know the risks are out there, and it is quickly becoming your own responsibility to ensure your system is secured and protected against these kinds of threats. Many of the steps you can take to protect your investment may seem like common sense, but you would be surprised how many people do not get the basics right first.

Antivirus is one proven defense against intrusion. Antivirus is big business, and provided the signatures are kept up-to-date, it is one of the best first lines of defense against malware, phishing, etc. The biggest areas of concern are ensuring that antivirus is updated. This is something that’s very simple to do on a laptop, but it’s not always easy to achieve at scale.

A system administrator looking after 10,000 servers needs to keep on top of all the reporting to ensure everything is synchronized. It is easy for large-scale platforms to become out of sync with the update servers for many reasons.

Ensure you are using a modern, manufacturer-supported operating system. Make sure you keep it up to date with the latest security updates. These are typically released once per month. It can be overly complicated rebooting critical infrastructure because of an update, but it’s something that simply must be done to offer you the best level of protection.

Conduct a risk analysis of your IT systems, or even better get an external provider to do it for you. This will not only create a security baseline, but it will provide a road map of where you need to improve.

Another key protection is to train all employees about cybersecurity risks. This should help the workforce to understand what cybersecurity is and what to look out for. Common examples include being on the lookout for phishing, scams, and fake websites. An employee is normally the first line of defense to any business IT system, and ensuring employees are security conscious is a great way to protect it.

If the worst does happen and you are impacted by ransomware or server access is compromised, often the quickest resolution is to restore from backup. Regular offsite backups should be completed on a daily, weekly, monthly rotation to reduce the likelihood of the backups also being infected or compromised. Larger businesses or businesses that are audited should consider disaster recovery planning. This might be a high availability disaster recovery set up in a secondary site or with a cloud provider.

Finally, penetration testing. This is a technique of testing external and internal computer infrastructure against all known vulnerabilities. This could be public-facing websites, servers with internet gateways, or any of the IT systems. Penetration testing and vulnerability scanning will help users to generate a list of recommended fixes needed to protect the infrastructure.