The recent, deliberate cyber attacks against U.S. organisations by Russian civilian and military intelligence services are international news. The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) recently issued the Joint Analysis Report (JAR) about these events. In addition to an event summary and technical details, including the YARA signature rule that contributed to the discovery of the attacks, there is a lengthy section of recommended mitigations.
The first recommendation is for organisations to commit to cyber security best practices, which is a great recommendation if taking advantage of End Point Security in Jamaica. However, most people reading this report or watching the news want to know what they, as the end user, can do to help mitigate attacks. There are four mitigations strategies that an end user can control: respect administrative privileges, respect application whitelisting, patch updates, and backups.
- No end user should have administrator access to an organisation’s system. Asking for, or using without authorization, administrator access just adds another weakness to the system that the IT team is trying to secure. Respecting the administrative privileges assigned to each user helps keep confidential data secure.
- In addition to respecting allowed administration privileges, each end user must respect the application whitelist for their company. While it may be personally inconvenient to not be able to install a favourite application(s), it is critical to the information security of the organisation. Whitelisted, or approved, applications are company and IT approved and considered safe to run.
- Patch updates are often pushed to individual machines but sometimes rely on the user to complete an update. As inconvenient as it may be to stop an activity, it is more important to update the application to avoid leaving an exploit opportunity.
- Finally, attacks can happen even while being vigilant because malware changes constantly, just like viruses that affect humans. To help prevent data loss, it is important to backup all personal files routinely to avoid losing precious hours of work in the event of an attack.
Any end user can make themselves even more of an asset to their organisation and their IT department by following four mitigations strategies aimed at end users. These strategies are particularly important when the IT team isn’t part of the organisation. Protecting against today’s threats requires an endpoint security solution that goes beyond the user, beyond malware, and incorporates next-generation features that target tools, techniques, tactics, and procedures of opportunistic attackers and advanced persistent threats. If your organisation is ready to go beyond the basics in endpoint security solution, contact Info Exchange, leaders in Jamaican Cyber Security consulting, at www.infoexchangeja.com, email mybusiness@infoexchangeja.com, or call (876)931-9552 for more information on this and other services we offer.
