What are intrusions?
Intrusions are purposeful attempts to access the server and the network infrastructure of a corporation, school or government entity.
- Intrusions are up 19%.
- Many networks have opened ports, firewalls, servers, etc. to outside connections to allow users to work from home. Cyber criminals are using these vulnerabilities to attack servers. There are safe ways to allow access to outside users – ask if you are unsure!
- Intrusions are also targeting government and pharmaceutical companies
What is cryptomining?
Cryptomining is the act of hacking a computer or server and using the machine’s resources to generate cryptocurrency.
- Cryptomining has not been a popular threat in recent years, but is unfortunately making a comeback.
- Cryptominers are starting to target home users, as users have taken machines home for remote work. Many of these attacks come from an email download or website download.
General Recommendations
- Train your staff to read emails with caution: hover over links before clicking, check the sender information, have secure ways to share information outside of emails (for payroll, ACH, etc.)
- Consider using a security service to test your users for email and phishing knowledge – ITS can send bogus emails and track which users click and provide the requested information through the phishing link. This will help you know how savvy your users are and develop future training opportunities.
- Consider using a link protection service – we use a product through Sonicwall for our ITS email. Sonicwall opens and inspects each link we click in an email, and refuses to provide the connection if the link leads somewhere spammy or unsafe. A similar service keeps us safe from file attachments.
- Setup an external sender policy to help your users spot phishing attempts – when an email comes from outside of your domain, a message or tag is attached to warn your users that it came from offsite. This helps with emails that are designed to look like they came from a company administrator, but actually came from a cyber criminal. (like those emails requesting payroll information or gift cards)
- Use an antivirus software and keep it up-to-date
- Make sure your Windows devices are up-to-date – Windows 7 and Windows Server 2008 are no longer under support.
- Use a firewall and modern connection protocols to keep remote users connected safely to your servers and resources. Or, consider a cloud-hosted model to make remote work even more efficient!
Do you have questions about any of the threats listed, or are you interested in learning more about protecting your users and network? Contact ITS for more information on our security solutions!
Download the full report: https://www.sonicwall.com/2020-cyber-threat-report/