Log In

WE ARE ALWAYS UNDER CYBER ATTACK …

We are always under cyber attack and unfortunately it is now a commonly accepted condition. On a personal level, we note the large number of phishing emails we receive daily and the continuous false requests from various bogus banking institutions with the aim of extorting our accounts credentials.

A recent publication, Microsoft’s Digital Defense Report 2020, has highlighted even more how cyber attacks are now our daily normality.

The ideas, coming from the report, are many, so we will try to highlight those that we believe to be of greater or more immediate interest.

Cybercriminal organizations are evolving in terms of efficiency and competence; also because they can count on substantial funding, both from organizations linked to certain nation-states and from criminal organizations. Many attacks are often attributable to organizations present in various states of Eastern Europe, the Middle East and the Far East.

These organizations are also developing new tools, both automatic (based on sophisticated algorithms and sw robots) and industrial espionage (with a strong human investigative activity), using, as the main basis of first attack, automatic web reconnaissance and email phishing. The secondary purpose is to get to the theft of credentials, ransomware and encrypted malware, with the ultimate goal of obtaining a fraudulent economic gain and/or creating management and economic problems for companies and/or government agencies. Particularly in this area, the creation of Exploit VPN has highlighted the criminal interest in being able to block corporate networks (through DoS and DDoS).

A further element of evaluation is that these organizations have shown a strong spirit of adaptation; in fact, the period of COVID-19 has led to a significant increase in phishing email based on topics related to viruses, defense medical devices and health services. It has been noticed that the variations of topics even follow the top trends, to launch themed lures, with maximum effect.

Malicious servers, where various fake sites and malicious software are kept, are now hidden in the cloud, well camouflaged among other traditionally conventional sites and applications.

IoT devices, being frontier elements, are considered by hackers the weak links in the chain, where attacks can converge. In fact, in 2020 there was an increase, compared to the previous year, of about 35% in attacks on IoT devices.

So what to do ?

The report itself tries to give answers. Based on both common sense and the functionality of the latest technologies, we report about ten (those of our greatest interest).

Adopt multi-factor authentication (MFA): The attacker will have to overcome additional control factors to get our account and this drastically decreases the statistical probability of success of the attack (eg PIN, Code via PEC or SMS, SPID, Electronic cards, dedicated mobile apps, …).

Go beyond passwords: It being understood that passwords must be complex, unique and possibly random, the current technologies allow biometric recognition to be added to passwords. Therefore we can adopt, now at acceptable costs, the recognition of the face, fingerprints, voice, retina or other to increase our safety exponentially.

Maintain Email: Because 90% of attacks start with an email, preventing phishing can limit the opportunity for attackers to succeed. Email platforms now provide filters for inbound, outbound and link. We also consider the possibility of limiting or disabling autoforwarding for email.

Achieve a secure software development lifecycle: Whether you develop it yourself or purchase it, it is recommended that you organize a robust software development lifecycle, that includes threat modeling, design reviews, deeper static and dynamic application testing and penetration testing in production.

Adopt the 3-2-1 approach to backups: Backups are essential for reorganizing and restarting the business after a breach. It is useful to implement the 3-2-1 rule: keep 3 copies (original + 2 backups), use 2 different types of backup storage and keep 1 backup copy in another place (offsite).

Adopt the principle of least privilege: To limit insider risks, both intentional and unintentional, it is necessary to practice the principle of least privilege, that provides for the release to the user of the minimum and sufficient credentials to perform his business functions. Always we consider to limit of system administrators’ privileges, to avoid unwanted intrusions to systems and applications of business importance.

Adopt security policies for the IoT: We understand that IoT devices are and will be the weak link of the IT system, therefore it is necessary to integrate each IoT device within the corporate security programs, monitoring their functioning, with the aim of achieving complete governance of the device itself.

Know your perimeter: Recent pushes towards smart-working and the personal devices and networks use (BYOD) have led to the redefinition of the IT corporate perimeter. Endpoints are increasingly distant from the corporate network, expanding with new software installations, for videoconferencing and collaborative activities, becoming reference points for hacker activities, such as reconnaissance and infiltration into the network. Monitoring endpoints (including non-corporate ones) and checking their correct and safe functioning is the challenge of the present and will be even more so in the future.

Invest in continuous user training: Users, being the first line of corporate defense, must be strongly sensitized on the topics of IT security. Training must be institutionalized at an organizational level and must always be updated on the methods and tools to identify and manage the various types of cyber attacks.

Adopt a Zero Trust mindset: Never think that everything behind our corporate firewall is safe. Regardless of the origin of the request or the resource being accessed, we always evaluate authentication, authorization and encryption before granting access.

ACTION ICT   (October 2020)

 

ACTION ICT is a young, dynamic and innovative IT company. It operates, both nationally and internationally, offering professional skills and design solutions in the ICT field to medium and large businesses. Our highly skilled know-how is housed in three expertise specific departments: ACTION DATA (Big Data Analytics and Artificial Intelligence), ACTION APP (Web & Mobile Application) and ACTION IOT (Internet of Things and Robotics).

Keep in touch


    I consent to the processing of my personal data and to the receipt of commercial information

    Latest
    Latest from blog
    Stage Mirror Approach…

    Technical obsolescence is when a system or service is no longer wanted or needed despite still being in working order. In the IT and business world, this mostly happens when…

    Find out more

    The Distinction Between…

    An Opinion Piece and Article By Action ICT You may have heard the terms technical debt and technical obsolescence being frequently used interchangeably, but what do these two terms mean…

    Find out more

    FROM LANGUAGES TO…

    The first real common language that was initially established in the European geographical area was "Latin", knowledge of which was mandatory to establish and maintain lasting relationships with the inhabitants…

    Find out more

    A LITTLE "NETIQUETTE"…

    We remind you that the term netiquette derives from the set of two words, one of English origin "network" and the other of French origin "étiquette", whose union usually defines…

    Find out more

    A LITTLE ATTENTION…

    A recent American research showed that 62% of corporate recruiting managers consider the social profiles of candidates to get a first idea of ​​the candidate's personality. In Italy, the situation…

    Find out more

    REMOTE WORKING: PROS…

    The pandemic has allowed us to evaluate the real possibility of using "remote work", called Smart Working, Agile Work, Home Working, Telework, Work from Home ... depending on the industrial…

    Find out more

    OTHER WINNING TECHNOLOGIES…

    We resume the forecasts of MIT (Massachussets Institute of Technology in Boston), reporting the second part of the list of technologies that could revolutionize our lifestyle habits in the near…

    Find out more

    WINNING TECHNOLOGIES BETWEEN…

    The period between the end of the old year and the beginning of the new one is considered optimal for drawing up past evaluations and making forecasts for the future.…

    Find out more

    ACTION ICT PARTICIPATES…

    The pandemic, due to COVID-19, has only further consolidated a way, that of online, of work, contact, recruitment and selection, which was already spreading in recent years. In fact, a…

    Find out more

    SUCCESS MANAGER: 2…

    A recent study sought to highlight the current characteristics of a successful manager. As is usually done in these contexts, they tried to make a list of "desiderata", highlighting the…

    Find out more
    Action ICT © 2016 - 2024 - Company Data
    Legal Note Cookie Policy Privacy Policy
    Information Canditate Information Client Information Supplier

    By continuing to use the site, you agree to the use of cookies. more information

    The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

    Close