The promise of increased productivity in the cloud continues to ring true now more than ever. Access to corporate data from anywhere at any time while simultaneously collaborating as a team has kept so many businesses productive and competitive in our remote work environments. The caveat of access from anywhere is that without sufficient cybersecurity and risk management strategies, threat actors can also gain access to your sensitive corporate data. We have seen this disastrous process play out in many corporate cyberattacks, such as the recent Colonial Pipeline shutdown, which could have been avoided by implementing one commonly available cybersecurity protection.
The increasing amount of digital records and ever-evolving hacking tools makes it impossible to be 100% assured of protection, especially if only one layer of protection (user credentials) is standing in the way of a data breach. However, there are some cybersecurity and risk management best practices, tools, and techniques you can put in place to mitigate the risk of a cyberattack on your organization.
A common cyberattack process
It is becoming a common occurrence to learn about corporate breaches in the news, and they all seem to have a common process that looks much like this:
- hackers use brute-force attacks to steal high-profile credentials,
- the victim is then locked out of their system, and/or
- personally identifiable information (PII) gets exfiltrated, then
- a demand for ransom is made to regain system access.
Once the cyberattack is executed, it is often the case that the victim will pay to end the breach and regain system functionality. Unfortunately, due to the unethical nature of hackers, if any data was stolen, it is often sold anyway on the black market for nefarious purposes, like compromising a high-value target. Many of these criminals even automate cyberattacks by using inexpensive and widely available software tools found on the dark web. In some cases, these despicable software developers even offer technical support to the hackers!
What can individuals and organizations do?
What is unfortunate about a large percentage of documented cyberattacks is that the compromised companies did not enforce multi-factor authentication (MFA) and practiced poor password hygiene. It has been well documented that MFA can block over 99.9 percent of account compromise attacks. With MFA enforced, the risk of stolen usernames and passwords giving hackers network access is significantly reduced.
The common cyberattack process outlined above is exactly what caused the six-day shutdown of the Colonial Pipeline in May 2021. Hackers gained entry to the pipeline's network through an unused but active virtual private network (VPN) account. In this case, the VPN account did not have MFA enabled. If MFA had been in place, it would have been the additional layer of defense needed to prove a user's identity and stop the hacker in their tracks. Once the hacker obtained the stolen credentials, they simply logged in to the Colonial Pipeline network and infiltrated it with malicious software. At this point, the hackers proceeded to demand over $4 million in ransom from the pipeline leadership to give the company back access to its computer systems.
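The account pattern described above (enabled, unused, and without MFA) is something an inventory audit can surface before an attacker finds it. The following is an added example, not part of the original article: the CSV column names, the sample rows, and the 90-day staleness threshold are all assumptions for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample export of VPN accounts (not real data).
# Column names are assumed; adapt them to your identity provider's export.
SAMPLE_EXPORT = """username,enabled,mfa_enrolled,last_login
asmith,true,true,2021-04-28T09:12:00+00:00
legacy-vpn,true,false,2020-11-02T17:40:00+00:00
jdoe,true,false,2021-04-30T08:01:00+00:00
contractor7,true,true,
old-admin,false,false,2019-06-15T12:00:00+00:00
"""

SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}


def audit_accounts(export_text, now, stale_after_days=90):
    """Return findings for enabled accounts that are unused and/or lack MFA."""
    cutoff = now - timedelta(days=stale_after_days)
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["enabled"].strip().lower() != "true":
            continue  # disabled accounts cannot be used to log in
        last = row["last_login"].strip()
        # An account that has never logged in counts as unused.
        stale = not last or datetime.fromisoformat(last) < cutoff
        no_mfa = row["mfa_enrolled"].strip().lower() != "true"
        if not (stale or no_mfa):
            continue
        reasons = [r for flag, r in ((stale, "unused"), (no_mfa, "no MFA")) if flag]
        # Unused AND no MFA is the combination described in the incident above.
        severity = "critical" if stale and no_mfa else "high" if no_mfa else "medium"
        findings.append({"username": row["username"],
                         "severity": severity, "reasons": reasons})
    return sorted(findings,
                  key=lambda f: (SEVERITY_ORDER[f["severity"]], f["username"]))


if __name__ == "__main__":
    as_of = datetime(2021, 5, 1, tzinfo=timezone.utc)  # constructed audit date
    for f in audit_accounts(SAMPLE_EXPORT, as_of):
        print(f"{f['severity']:8} {f['username']:12} {', '.join(f['reasons'])}")
```

Critical findings are candidates for immediate disablement; high findings need MFA enrollment enforced at the next login.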
Best practices to mitigate risk
What happened to the Colonial Pipeline is unfortunately not a cautionary tale, but a growing reality for large and small companies alike. Before a breach occurs, take the necessary precautions to fortify your company's defenses with the following tools and techniques:
- Use unique and complex passwords for each and every account and change them often.
- Enable and enforce Multi-Factor Authentication (MFA) to protect business applications in the cloud.
- Implement Single Sign-On (SSO) to consolidate most or all passwords into a single login, and improve user experience.
As data breaches become more common and tactics more sophisticated, proper cybersecurity and risk management measures must be put in place to keep pace with technology and protect your organizational data living in the cloud.
Find out where your organization stands in its ability to defend critical assets, and where you need to take the next step in risk management. Learn more about a Cybersecurity Risk Assessment. An assessment will identify what security controls and practices you have in place or are missing, help you understand the efficacy of each defense measure, and summarize findings in an executive report that provides recommendations to mitigate cybersecurity risks.
For more information, select the link above or connect with Systems Engineering at 888.624.6737 or firstname.lastname@example.org. Clients, please reach out to your Account Manager directly.
Kevin Beling is an Account Manager at Systems Engineering, focusing on ensuring valuable and long-term client relationships. He helps clients identify and utilize technology to achieve the business outcomes they desire. Kevin has been with Systems Engineering since 2015.