Brad Blackmon

*!@#$ Don't Get Hacked #!@$&

Issues surrounding email continue to be one of the primary reasons a network gets breached. Here are a few tips and things to avoid to help prevent your system from being compromised!



1. Using the same username and password with different websites:

  • The more sites you use the same email and password on, the greater the chance of those usernames and passwords getting compromised. It is one thing to protect your own computer and network, but when you use those credentials elsewhere you must also trust that the other site is protecting its network with the same level of importance you place on protecting yours.

  • It is recommended to use different passwords with different sites. I know this becomes more difficult to manage, but if you can incorporate something about the site you are logging into along with your standard password it can help.

  • For example: your personal email login might be: MyName123. When you have to log in to a Digital Office Equipment site you might use: MyName123@DOE. It's virtually the same password, but it adds something different based on the site or program you are logging in to.

  • Hackers are not taking the time to figure out your pattern. They are just mass broadcasting thousands of usernames and passwords to other sites to see what works. It is a numbers game.

Resolutions:

  • Educate your users not to reuse passwords for different sites.

  • Add Multi-Factor Authentication (MFA) when logging into critical resources.
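The mass replay of usernames and passwords described above leaves a recognizable trace in login logs: one source trying many different accounts, each only once or twice. The following is an added example, not part of the original post; the log format, thresholds and sample lines are constructed assumptions.

```python
from collections import defaultdict

# Constructed log lines: "<epoch-seconds> <source-ip> <username> <OK|FAIL>"
SAMPLE_LOG = [
    "1000 203.0.113.7 alice FAIL", "1002 203.0.113.7 bob FAIL",
    "1003 203.0.113.7 carol OK",   "1005 203.0.113.7 dave FAIL",
    "1006 203.0.113.7 erin FAIL",  "1008 203.0.113.7 frank FAIL",
    # One user mistyping a password, then succeeding
    "1010 192.0.2.10 alice FAIL",  "1020 192.0.2.10 alice OK",
    # Repeated guesses against one account (lockout territory, not stuffing)
    "1030 198.51.100.9 bob FAIL",  "1031 198.51.100.9 bob FAIL",
    "1032 198.51.100.9 bob FAIL",  "1033 198.51.100.9 bob FAIL",
    "1034 198.51.100.9 bob FAIL",  "1035 198.51.100.9 bob FAIL",
]

def find_stuffing_sources(lines, min_users=5, window=60, max_tries=2):
    """Return {ip: accounts that logged in OK} for sources that tried at least
    `min_users` usernames within `window` seconds, at most `max_tries` each."""
    by_ip = defaultdict(list)
    for line in lines:
        ts, ip, user, result = line.split()
        by_ip[ip].append((int(ts), user, result == "OK"))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            tries = defaultdict(int)
            for _, user, _ in events[start:end + 1]:
                tries[user] += 1
            if len(tries) >= min_users and max(tries.values()) <= max_tries:
                # Any success from this source means a reused password worked.
                flagged[ip] = sorted({u for _, u, ok in events if ok})
                break
    return flagged

if __name__ == "__main__":
    for ip, accounts in find_stuffing_sources(SAMPLE_LOG).items():
        print(f"{ip}: likely credential stuffing; reset and review {accounts}")
```

Accounts listed for a flagged source are the ones where a reused password succeeded, so they are the first candidates for a forced reset and MFA enrollment.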

2. Simple Passwords:

  • Even with the world's increased awareness about cyber security, it's astonishing how many users still use very simple or short passwords. Simple passwords are the first passwords tried by hackers, and the shorter the password, the easier it is for a hacking program to decipher.

  • Basic password-cracking software can try 1 million passwords per second. Therefore, if you create a 5-character password using only capital and lower-case letters, it can be cracked in 11.88 seconds. However, just by increasing the number of letters in your password to 10, it takes that same software 4.47 years to crack. By adding in numbers and special characters, it takes 26,596.38 years to crack a 10-character password.

  • Of course, this assumes that the last password tried is the correct password. When you use a common password, like a person's name or something simple, it will be cracked in a matter of hours, because password-cracking software runs through simplistic and common passwords first in its attempt to crack your password.

  • Advanced password cracking systems that can process a Tera per second utilizing 16 computers in tandem can crack that same password in 14.57 hours.

Resolutions:

  • Enforce stricter password complexities through group policy.

  • Enforce lockout measures when passwords have been incorrectly entered.

  • Add MFA to all corporate computers and business websites.

3. Social Engineering / Phishing

  • Spam emails are getting very sophisticated, now pulling data in from multiple resources to craft a very legitimate-looking email.

  • They can use technology to scrape your corporate logo off your website, or they grab your corporate email signature off an email that was obtained through a compromised email account belonging to anyone you have ever emailed before.

  • They use public data or website listings that contain an employee’s name and title. With this information they can send a very legitimate-looking email to the Human Resources Director asking them to change their direct deposit account. Or they send an email from the CEO asking accounts payable to wire funds to an account for the purchase of a product.

Resolutions:

  • Utilize a Spam scrubbing service.

  • Educate employees on how to check the email address behind the sender’s name.

  • Test users’ ability to spot phishing attempts through a phishing campaign.
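Checking the address behind the sender's name can also be automated at the mail gateway or in a reporting tool. The sketch below is an added example, not part of the original post; the company domain, the staff name list and the three sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

CORP_DOMAIN = "example.com"     # assumption: the organization's own mail domain
STAFF_NAMES = {"pat morgan"}    # assumption: names worth impersonating (CEO, HR)

def domain_of(address):
    """Lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""

def sender_warnings(raw_message):
    """Compare the name a mail client displays with the address behind it."""
    msg = message_from_string(raw_message)
    name, address = parseaddr(msg.get("From", ""))
    from_domain = domain_of(address)
    warnings = []
    # The display name itself looks like an address from another domain.
    shown = re.search(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)", name)
    if shown and shown.group(1).lower() != from_domain:
        warnings.append("display name shows a different address")
    # A known staff name is attached to an address outside the company.
    if name.strip().lower() in STAFF_NAMES and from_domain != CORP_DOMAIN:
        warnings.append("staff name on an outside address")
    # Replies would be routed to a different domain than the sender's.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != from_domain:
        warnings.append("replies go to a different domain")
    return warnings

# Constructed sample messages (only the headers matter here).
WIRE_REQUEST = (
    'From: "Pat Morgan" <pat.morgan@mail-example.net>\n'
    "Subject: Wire needed today\n\nPlease send the funds.\n"
)
PAYROLL_CHANGE = (
    'From: "hr@example.com" <notify@example.org>\n'
    "Reply-To: payroll@example.net\n"
    "Subject: Direct deposit update\n\nSee attached form.\n"
)
GENUINE = (
    'From: "Pat Morgan" <pat.morgan@example.com>\n'
    "Subject: Quarterly numbers\n\nAttached.\n"
)

if __name__ == "__main__":
    for label, raw in [("wire", WIRE_REQUEST), ("payroll", PAYROLL_CHANGE),
                       ("genuine", GENUINE)]:
        print(label, sender_warnings(raw))
```

These checks only compare what the headers claim; they do not verify that the sending domain itself is authentic.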

4. Virus/Malware

  • This is still one of the primary ways a breach happens. A corporate user unknowingly opens a document or clicks on a link that has malicious code behind it.

  • While a firewall with an active security subscription can help block attachments that are being downloaded to your corporate network, a firewall is somewhat limited when the attachments are opened through web applications. This is due to the file being opened in the cloud. However, these files or weblinks still have the ability to insert HTML code, which is enough to start a network breach.

  • Network breaches can allow hackers to gain usernames and passwords. With that information they are able to start searching the network for systems and devices which they might be able to compromise or control to gain further access to corporate data.

Resolutions:

  • Utilize a spam filter service which scans emails before they are delivered to one’s email box.

  • Utilize a spam filter service that uses a sandbox for following links. (This type of service opens links in a safety zone where they can be scanned for delayed code insertion attacks.)


Ask Digital Office Equipment how we can help you protect against these most common Network Breach scenarios.

  1. Employee Training

  2. Spam Filtering

  3. Sandbox Link Protection

  4. Multi-Factor Authentication (MFA) solutions

  5. Firewall Hardening
