By: Raum Sandoval
On March 21, 2022, President Biden warned businesses to prepare for possible Russian cyberattacks in light of the ongoing conflict in Ukraine and the economic sanctions in place against Russia.
Entara and our Security Managed Detection & Response partner, eSentire, remain on high alert against these potential attacks. In addition to our recommended security hardening processes, tools and services, the best defense against cyberattacks is your users. It is time to band together to form a human firewall by following the best practices below, keeping in mind that you can apply these same principles to both your work and personal accounts and technology:
1. Be cautious and alert to the dangers of phishing. While phishing protection and spam filtering are likely in place at your organization to block and prevent suspicious emails, bad actors can execute customized and targeted phishing attacks that spoof known business email addresses and make their way into your inbox. In addition, it is not uncommon for bad actors to take over the account of someone you legitimately communicate with regularly. To mitigate risk, follow the email security best practices below:
- Do NOT open emails that are not business-related. Ignore emails on topics such as IRS news, Covid news, Russia, Ukraine, advertisements, etc.
- Do NOT click on links or open attachments in emails unless you are expecting them from a trusted sender. When in doubt, call the sender to verify. Do NOT reply to the same email address.
- Do NOT give out any personal or sensitive information in an email.
- Do NOT open emails from unfamiliar senders.
- DO verify the email address of the sender.
- DO report any suspicious requests made over email.
2. Use Multi-Factor Authentication (MFA). Turn on MFA on ALL of your accounts, including social media, financial, and email. With MFA, it is significantly harder for attackers to access your accounts unless they also have your phone or mobile device. Do NOT share your MFA prompt with anyone, and do NOT approve a prompt when you are not expecting a request for approval.
3. Use strong, unique passwords. We recommend 16-character, complex passwords, using a combination of letters (upper and lower case), numbers, and symbols. Consider using phrases with spaces and special characters to help you get to 16 characters. NEVER re-use the same password, especially for your business-related accounts. Additionally, consider using a password manager, like Keeper, LastPass, 1Password, or Dashlane, to safely store your unique passwords.
4. Avoid public Wi-Fi. If you log into a corporate email on public Wi-Fi, anyone on that network could potentially track your activity and/or data. Instead, use your mobile hotspot or a VPN.
5. Comply with patch releases. Each month, your service provider should ask you to leave your work computers online during Scheduled Maintenance and Security Patching Releases. These releases will include a reboot of your machine in order to ensure security patches are applied.
6. Update your mobile phones and home devices. Update mobile phones, home computers and network devices, including routers and cable modems, with the latest patches and software updates. There is evidence of Russian hackers exploiting unpatched home devices to gain control and use them as a launch platform for other attacks.
7. Report suspicious emails or activities. If you notice suspicious emails or activities, report them immediately to your managed provider or internal IT team.
If you have any further concerns or questions, please reach out to our team. Our clients’ security is our top priority, and we are committed to educating our community about how to implement effective solutions while keeping usability at the forefront. The threat landscape is ever-evolving, and you can rely on our team of experts to keep your systems, data, and employees safe.