In honor of Cybersecurity Awareness Month Ingalls is highlighting some cybersecurity tips to help businesses stay safe online. Check back each week or follow us on your favorite social network for the latest tip.
Byte-Sized Cyber Tip #1: Be Aware of Emerging Phishing Email Tactics Via QR Codes (Don’t Scan Me, Bro!)
Craig Flynn, T2 Analyst on emerging phishing email tactics:
“Throughout 2023 we have certainly seen threat actors actively changing their tactics from the typical fake login page links that we have grown accustomed to. A more recent tactic has been the implementation of QR codes to facilitate these fraudulent resets. These QR codes, if scanned, have a lot of potential for compromise such as drive-by downloads, that could deploy spyware to your mobile device.
“Additionally this threat may take you to a credential capture site, where once credentials are entered and a sign-in is attempted, users and their network access are exposed to the respective threat actors. In short, always verify the sender of these types of emails via email headers. In a work environment, it is recommended to reach out to an administrator to verify any and all possible password reset or expiration notifications.”
Byte-Sized Cyber Tip #2: Leverage a Cybersecurity Internship to Help Launch Your Career
Jessica Owens on breaking into cybersecurity with internships:
“This year has seen a monumental push towards breaking down knowledge silos, calling out charlatans, and clearing paths for those wishing to enter cybersecurity. Still, the trouble often lies in demonstrating actual experience in a fast-paced industry like cybersecurity. Home labs and Learning Platforms are nice to see on resumes, but may not fit the bill for most junior-level positions. Consider an internship to bridge the gap and get your foot in the door.
An internship (or fellowship) program may be offered through companies directly (like Ingalls!), partnerships with a chamber of commerce, military affiliation, and higher education institutions. Once you’ve successfully begun yours, utilize it to build not only your knowledge base, but your network with genuine mentors, other interns, and colleagues! This will go a long way towards furthering your career in cybersecurity.”
Byte-Sized Cyber Tip #3: Utilize Risk Assessments to Safeguard Your Organization
Sarena O’Donnell on Risk Assessments:
“It is not a matter of if, but when: In 2023, businesses continue to face an escalating threat landscape. Rather than being the exception, cyberattacks are now commonplace. To address this, businesses must understand and minimize their attack surface. This is best accomplished through the performance of a framework-aligned, organization-wide risk assessment, allowing for the identification, evaluation and prioritization of security weaknesses.
Most businesses struggle with competing demands on a limited budget. Taking a risk-oriented approach to cybersecurity optimizes both resource allocation and risk mitigation activity. Risk assessments will help you safeguard sensitive data and critical systems, ensure regulatory compliance, and preserve your organization's reputation in an era of heightened digital threat.”
Byte-Sized Cyber Tip #4: Watch Your Access Control: Audit, Test, and Monitor for Proper Authorization and Authentication
Chase Theodos, T2 Analyst & Pentester on broken access control:
“In 2023 broken access control remains a persistent issue. This vulnerability exposes systems to unauthorized access, often bypassing established protocols and permissions. Threat actors have become increasingly adept at exploiting these weaknesses granting them the capability to view, edit, or delete sensitive data. The problem is exacerbated by the increasing complexity of organizational structures and the growing number of endpoints that need to be secured.
Regular auditing and testing are crucial to mitigating this issue along with consistent monitoring for anomalous activity. Without proper controls in place, companies risk not just data breaches, but also severe reputational damage and legal repercussions.”
Byte-Sized Cyber Tip #5: No One Likes a RAT: Tactics to Thwart Remote Access Trojans and Other Malware
DO NOT Plug It In, Plug It In
Sean Scully, Threat Hunter, on RATs and removable media policies:
“Remote Access Trojans (RATs) are a prevalent type of malware in today's cyber-warfare that wield a range of capabilities. Successful deployment can provide attackers with access to sensitive data and even facilitate the deployment of further malware through tools that allow keylogging and screen capture, aid in file manipulation, establish backdoors, and system control. These highly capable weapons are most commonly deployed through phishing campaigns, social engineering attacks, drive-by downloads, and removable media.
Proper user training and basic security controls will go a long way toward thwarting deployment methods for these types of attacks. For example, universally disabling autorun functionality for removable media significantly reduces the risk of infected USB drives and ancillary devices executing malicious code on endpoints. Ensuring that these fundamental steps are implemented for every user and every device in the business will not only protect against RATs, but any type of malware that could impact the organization.”