Articles of interest from the week of February 15, 2021

How MDR Fills SASE and ZTNA Cybersecurity Gaps

Simply put, enterprise support for remote workers increased their vulnerability footprint, and most were not ready for the consequences. Others attempted to leverage new technologies, such as ZTNA (Zero-Trust Network Access), or SASE (Secure Access Service Edge) to harden their networks against attack. Yet, many have found that just locking down their network connections at endpoints or the edge was simply not enough. Other types of attacks, such as ransomware or data exfiltration, still managed to succeed, and technologies such as ZTNA and/or SASE did nothing to reduce insider threats. (By Frank Ohlhorst, Security Boulevard) Ingalls: Technology alone cannot effectively defend against cyberattacks. People, process, and technology must all be integrated into any successful cybersecurity risk management strategy. Ingalls helps businesses large and small manage security risks and defend against cyberattacks. If you’d like to learn more please contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have. 

This Cybersecurity Threat Costs Business Millions. and It's the One They Often Forget About

While ransomware is the cyberattack most feared by businesses, another form of cybercrime is slipping under the radar, one that is proving highly lucrative for internet fraudsters – and costly to business. A business email compromise (BEC) attack sees cyber criminals use social engineering to trick an employee at a business into transferring a large sum of money to an account controlled by the crooks. (By Danny Palmer, ZDNet) Ingalls: business email compromise (BEC) attacks are a good example of why you need end point protection. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach which monitors and correlates network activity with endpoints, logs and everything in between.

US-CERT Reports 17,447 Vulnerabilities Recorded in 2020

Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a Paycheck Protection Program (PPP) loan to keep their business going during the COVID-19 crisis. (By Kelly Sheridan, DarkReading) Ingalls: Enhancing your patch management process to include vulnerability scanning, a robust remediation workflow, and metrics-based decision support from data collection can do a lot more for your risk management than simply plugging holes whenever a software vendor produces a patch. In our downloadable “8 Effective Cybersecurity Controls For SMBs” guide we discuss how to do more with patch management, and the benefits of a mature Vulnerability Lifecycle Management program. If your business or a client needs expert cybersecurity risk management that includes Vulnerability Lifecycle Management, please contact us today to schedule an engagement with Ingalls Information Security! 

Password Reuse Continues To Plague Consumers and Businesses

Poor password hygiene with your personal and work accounts could provide an easy entry point for cyber criminals into your employer’s network. Every employee plays a role in preventing outside attacks on their organization. Several of the most notorious breaches began with a breach of a single employee’s password. According to Verizon, “81% of hacking-related breaches leveraged either stolen and/or weak passwords.” A seemingly innocuous error made by an individual can potentially cost a company millions of dollars, hefty legal fees and the trust of its customers.. (By Cynthia Crossland, Cyber Security Magazine) Ingalls: To learn more on this topic, visit our blog where discuss how to make sure your SMB clients have secure accounts and passwords. We discuss the various types of multi-factor authentication, the dangers of password reuse, and how to use password managers to protect sensitive account information.

How Ransomware Negotiations Work

Ransomware has been one of the most devastating malware threats that organizations have faced over the past few years, and there's no sign that attackers will stop anytime soon. It’s just too profitable for them. Ransom demands have grown from tens of thousands of dollars to millions and even tens of millions because attackers have learned that many organizations are willing to pay. Many factors and parties are involved in ransomware payment decisions, from CIOs and other executives to external counsel and insurance carriers, but the increasing need to make such payments has created a market for consultants and companies that specialize in ransomware negotiation and facilitating cryptocurrency payments. (By Lucian Constantin, CSO) Ingalls: Ingalls Information Security understands cybersecurity attacks and how to respond effectively. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks including ransomware. Click here to learn about how to respond when you’ve been breached.