Real People. Right Now.
From the first hello, the Locknet® team is dedicated to serving you and your needs.
About a month ago, a hacker gained network access to a water treatment facility in Florida and appears to have attempted to poison a city's water supply by increasing the amount of sodium hydroxide—a terrifying prospect that came all too close to coming true. The breach, as well as hacking attempts on other institutions that run our country’s critical infrastructure, highlights the vital importance of knowing how to prevent cyber attacks for all businesses and public utilities. Because while it's too easy to shrug off cybersecurity protocols, and the risk of a hack can seem small, in fact, cyberattacks are increasingly more sophisticated, and businesses can be even more vulnerable when utilizing remote access software platforms or software that has reached its end of life.
I spoke with our own Shannon Mayberry, IT Security Manager for Locknet® Managed IT about the lessons we can learn from this cyber attack on Florida's water treatment plant, the danger of cybercriminals exploiting operating systems that have reached their end of life, and steps companies can take to protect themselves.
As with any cyber attack, there are lessons to be learned from the experience—knowledge we can all use to better protect our organizations from cyber attacks. So, what are the big lessons here? Mayberry says if remote control software is required for your organizational operations, be sure to review and secure it.
"Put in mitigating steps as outlined by CISA and NIST to ensure that if remote control software is needed, the scope and usage of the remote control software cannot be performed by unauthorized users," Mayberry explains. "A review and set of controls should be defined before any software is allowed into an organization so that the risk is understood and mitigation plans can be put in place. The biggest lesson here is, if you are going to use remote control software, make sure it’s a robust and resilient platform that can have protections put in place." And while many organizations may consider cutting costs, Mayberry stresses that with so much at stake, it's essential to avoid the temptation to just go with the cheapest option.
Among the issues that could put your organization at risk: hacker exploitation of desktop-sharing software and networks running with operating systems that have reached their end-of-life status. How can you protect your network?
"Having a patching/software policy in place and regularly audited, as well as a device refresh plan can ensure that the organization will have current and stable platforms operating critical infrastructure," Mayberry says.
The Windows 7 end-of-life can also be a risk for companies that have not upgraded.
"Patching ceases to be deployed to an OS once it is termed end of life, at that point, it can become easier to gain footholds and perform the lateral movement to other, more critical devices," Mayberry explains. "As part of your overall information security program, an organization should have provisions and planning in place to refresh systems that are reaching end-of-life. First and foremost, companies should be working with software/hardware vendors to ensure that those limitations can be removed and operating systems that run these systems can be upgraded. If due to software limitations this is not feasible, controls should be identified to prevent issues in the event of a compromise, such as air gapping a device from the general network."
Mayberry also says this incident should also inspire companies to consider their risk aversion. A good place to start is to take a hard look at what you're utilizing on your platforms and whether there are controls available to prevent unauthorized access. And just as importantly, it's vital to check whether those controls are being used. You should also consider:
To better manage your risk, Mayberry suggests the following two steps:
When you're ready to know your company's risk for a breach and prevent a cyberattack on your network, the experts at Locknet Managed IT can help. Contact us for an internal vulnerability assessment, which can help you better understand your organization's software and other network vulnerabilities. From there, we can help you put together a comprehensive plan to shore up your network's security and take other steps for cyber attack prevention.
Managed IT
Onalaska, WI Waterloo, IA Wausau, WI Eau Claire, WI Burnsville, MN
You are now leaving locknetmanagedit.com. Please check the privacy policy of the site you are visiting.