Attacks of Opportunity: How to Protect Your Cloud from Predatory Hackers

02.04.19 12:00 PM
attacks When most people imagine the motives behind a cyber attack, they picture an organization that is specifically targeted by the attackers. However, the vast majority of such hacks are actually attacks of opportunity, with the cyber criminals selecting companies because they spot a vulnerability, not because of who they are or the kind of business they do.   In this way, attackers are incredibly predatory and often quite random. The hackers seek out the weak and use tried-and-true techniques based on known vulnerabilities in applications and systems.   The lack of targeting is not a blessing. Instead, the sense of randomness means every company is at risk if they do not take the proper steps to secure their clouds. If you want to keep your systems safe, here is what you need to do.  

Train Your Staff

  Not only are your employees potentially your greatest weakness, but they are also your first line of defense. By teaching them how to recognize threats or attacks in progress, they can avoid actions that allow malicious software to enter your systems and alert security personnel when something is amiss.   Regular training ensures that your teams are aware of the latest cyber threats, giving them the knowledge to act properly should an incident occur. It also lessens the likelihood that they will take part in risky behaviors, such as downloading files from unknown email senders or websites the organization does not trust, or falling for social engineering or phishing attempts.  

Use Multifactor Authentication

  Having strict multifactor authentication requirements creates a stronger barrier between your systems and potential attackers. While a login ID and password may slow hackers down, they can often be overcome with relative ease, especially if you do not require complex passwords.   When you add a second factor, particularly a token-based solution, the barrier becomes more robust. Additionally, requiring frequent password changes and limiting the reuse of passwords can also help, just as long as your employees understand that recording their passwords in a file or on paper is not allowed, as doing so increases risk.  

Install and Maintain Security Software

  Your security software is only as effective as its last update. If you are not updating the software regularly, you are vulnerable to newer threats because the version of the solution you are using is not equipped to spot them.   Similarly, failing to update various applications, including web browsers, can also leave you at greater risk. Many software patches correct vulnerabilities, so falling behind on the update schedule means cyber criminals may have an opening they can exploit, allowing them to access your systems.  

Use Backups and Encryption

  Ransomware can be incredibly troublesome for companies as it allows attackers to take your data hostage, effectively shutting you out of your systems unless their demands are met. However, if you maintain a regular backup schedule, you can restore the information, effectively circumventing the hack.   If you couple backups with encryption, you are also protecting your data by making it essentially unreadable to anyone outside of the organization. Then, even if data is stolen, it is practically useless, so confidential details will not be exposed.   By using the techniques above, you can protect your cloud from predatory hackers. Just make sure to embrace as many of these mechanisms as possible, as multiple layers of security are often the best form of defense.

Derek Roush