  • WSD

The fallout from SolarWinds.

We have probably only seen the start of this cyber campaign. Malwarebytes is the latest company to announce that it has been attacked, though luckily the attack was significantly less damaging than the one on SolarWinds. It compromised a dormant O365 account, so the hackers gained access to a few emails.


Tom Bossert, the former Homeland Security Advisor, said: "The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies."


The risk with all these cyberattacks is that the sophisticated tools and techniques used become available to cyber gangs and are turned into turnkey Ransomware as a Service (RaaS), available for purchase by anyone on the dark web!



It's probably worthwhile going through the basics of cybersecurity protection:

Firewall – The latest UTM firewalls have built-in services to protect you. Ensure you enable these and set the appropriate levels of protection. Review rules frequently and remove redundant ones.

EDR – With the latest threats, basic antivirus may not offer enough protection. With EDR you not only get all the benefits of antivirus but are also able to roll back if infected.

Web & DNS - Adding a Web Proxy and/or DNS filter can mitigate the risks from phishing attacks where users are tricked into clicking a malicious link.

Patching - Ensure you regularly run software updates. It's easy to forget about this, so have the tools in place to monitor and report on patch levels.

Least Privilege - Limit what users are able to do, separate admin accounts from user-level accounts on all devices.

Secure Configuration - Ensure devices have unnecessary software & user accounts removed. Remember that new PCs tend to have bloatware installed that should be removed. Taking steps such as disabling.

Training - There are some great CBT cyber courses available both commercial and free. Regular rather than annual training will be far more effective. For instance, running regular phishing simulations backed up with training can help users.


Remember we are here to help you with impartial advice so reach out if you have any questions.


