In connection with the current situation in Ukraine, German security authorities are in constant exchange with partner organisations. There is a current warning of cyberattacks and a call for increased vigilance. According to the BSI, there is no acute threat to information security in Germany but nonetheless the situation can worsen at any time in view of current developments. With this blog post, we urge you to review the status of your cybersecurity and improve it immediately.
Current example: malware attack on Ukrainian government and non-profit organisations
At the end of January, it became known that targeted attacks with a new malware called WhisperGate had taken place against Ukrainian authorities, government organisations and businesses. It is a three-stage attack on the master boot record of a computer. This can lead to the destruction of the computer as well as data on connected storage devices. The Master Boot Record is used to boot computers that are equipped with a BIOS operating system. WhisperGate deletes and damages a Windows system to such an extent that files and drives cannot be recovered or used. Security experts send out a warning that cyberattacks of this type could hit more countries. It is important to protect against this.
Potential cyberattacks can be diverse and widespread. That’s why we recommend closing any gaps in your basic protection measures first. Are you well-positioned in this regard? Great, then you’ll find tips below on how you can further expand your cybersecurity.
Checklist of the most important basic protection measures
- Be attentive to emails, because a large number of cyberattacks start with a phishing email. Act with deliberate suspicion, even with supposedly known senders or even quoted email histories.
- Company-wide phishing awareness, because all it takes for a cyberattack is one successful phishing email.
- Attentive handling of Office documents, because Office documents can contain malware due to their large range of functions. Such documents can be found in the attachments of phishing emails, for example. Here you will find more information on how you can better protect yourself when handling Office documents.
- Secure, unique passwords, because short, simple passwords can be easily abused by cybercriminals. Multi-use passwords are particularly risky because once determined or hacked, they open up multiple access points for cybercriminals. In your company, use long, complex passwords if possible and use password managers to store them.
- 2- or multi-factor authentication, because it protects important user accounts even if their password is known to cybercriminals. Preferably, always activate 2-factor or multi-factor authentication when it is offered. You should definitely do this for critical accounts, e.g. your cloud service.
- Backups, because otherwise all company data can be destroyed or made inaccessible in the event of sabotage or ransomware attacks, for example. Be sure to always keep at least one backup separate from your system so that cybercriminals cannot reach it via the inter- or intranet. That’s exactly what the 3-2-1 backup strategy calls for – in addition to backup cloud storage, for example.
- Emergency plan, because in the event of a successful attack, a quick response is extremely important. The contingency plan can be rudimentary at first. It is important that everyone in your organisation knows it, because you never know who will need to respond.
- Current system, current updates, because most updates close newly disclosed vulnerabilities. Therefore, install updates as soon as possible, even if it interrupts your own work – by doing so, you make the cybercriminals’ life hard!
- Use cloud services securely, because this way you make cyberattacks on your company data or even the entire cloud service more difficult. The higher the security standards of your cloud, the more important it is that you also pay attention to security when using it.
- Secure mobile devices, because smartphones and similar can also be affected by cyberattacks. Improve the protection of your smartphone and pay particular attention to smishing attacks.
- Be careful when using wifi, because public wifi in particular is easy to spy on or can even be operated entirely by cybercriminals. Rather use your smartphone as a private hotspot or a VPN. You can find more tips in this blog post – it was written for the vacation season, but in our networked world, even the tips under “On vacation” also apply to WLANs in everyday work.
Want to do beyond?
- Encrypt sensitive data – on your computer, smartphone, tablet, server.
- Segment your corporate network into separate areas if possible.
- Zero trust model: consider whether or to what extent you could implement the zero trust model. In it, every person, application and device must authenticate, which provides increased security.
Even more information on cyberattacks and security measures
- Overview by the the German domestic intelligence services on actors and attack methods in cyberattacks on companies
- Recommendations of the Federal Office for Information Security (BSI) for companies according to attack targets
If you have further questions or any uncertainties, our team of experts will be happy to assist you.