Many may remember the TV series “Flipper.” For those who do not, the theme and plot are as follows: Flipper, a bottlenose dolphin, helps to protect his lagoon park and preserve its wild inhabitants. He is instrumental in apprehending criminals and thugs in the park.
How does this story draw parallels to cybersecurity?
This past week, an unnamed North American casino experienced a cybersecurity breach via a fish tank. The casino’s self-cleaning fish tank, programmed via sensors to monitor water temperatures and fish feeding schedules, was targeted by hackers. Through the fish tank system, the cyber thugs broke into the casino’s computer network and downloaded sensitive data to a location in Finland.
Connecting the dots of this story back to “Flipper,” the idea of observing and monitoring one’s environment is vitally important. Like Flipper—whose role was to apprehend criminals through observation and data collection—we must remain vigilant, and can no longer blindly trust even the most innocent of devices, such as programmed fish tanks.
Fish tanks are now IoT devices on our networks and, as seen in the case of this casino, can create an open door for clever cyber thugs. Today’s cyber thugs and criminals leave breadcrumbs of information that we can collect to understand the risks associated with certain IT decisions. The same advice and best practices apply to fish tanks as they do to any other sensor on our networks. Understand, Monitor, Prevent and Segment to protect your most critical assets: DATA!
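As an added example (not part of the original article), the sketch below shows the "Monitor" and "Segment" advice applied to a sensor VLAN: it aggregates flow records and flags any sensor conversation that leaves the segment for a destination outside an allowlist, or that exceeds a volume ceiling. The subnets, the vendor endpoint, the threshold and the flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Every address, threshold and flow record here is constructed for illustration.
IOT_SEGMENT = ipaddress.ip_network("10.20.30.0/24")        # assumed sensor VLAN
INTERNAL = ipaddress.ip_network("10.0.0.0/8")              # assumed corporate space
ALLOWED = [ipaddress.ip_network("198.51.100.10/32")]       # assumed vendor endpoint
MAX_BYTES = 5_000_000                                      # assumed telemetry ceiling

# (source, destination, destination port, bytes sent by source)
SAMPLE_FLOWS = [
    ("10.20.30.5", "198.51.100.10", 443, 120_000),    # expected telemetry
    ("10.20.30.5", "203.0.113.77", 443, 4_000_000),   # unlisted external host
    ("10.20.30.5", "203.0.113.77", 443, 6_500_000),
    ("10.20.30.5", "10.1.1.20", 445, 30_000),         # sensor reaching the LAN
    ("10.20.30.6", "10.20.30.5", 1883, 2_000),        # stays inside the segment
    ("10.1.1.20", "203.0.113.77", 443, 900),          # not a sensor, out of scope
]


def flag_iot_egress(flows, segment=IOT_SEGMENT, internal=INTERNAL,
                    allowed=ALLOWED, max_bytes=MAX_BYTES):
    """Return alerts for sensor traffic that leaves its segment unexpectedly."""
    totals = defaultdict(int)
    for src, dst, port, sent in flows:
        if ipaddress.ip_address(src) in segment:
            totals[(src, dst, port)] += sent      # aggregate per conversation

    alerts = []
    for (src, dst, port), total in sorted(totals.items()):
        dst_ip = ipaddress.ip_address(dst)
        if dst_ip in segment:
            continue                              # intra-segment traffic is in policy
        reasons = []
        if not any(dst_ip in net for net in allowed):
            reasons.append("internal-unlisted" if dst_ip in internal
                           else "external-unlisted")
        if total > max_bytes:
            reasons.append("volume")
        if reasons:
            alerts.append({"src": src, "dst": dst, "port": port,
                           "bytes": total, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in flag_iot_egress(SAMPLE_FLOWS):
        print(alert)
```

In practice the flow tuples would come from firewall or NetFlow exports, and the same allowlist would be enforced as an egress rule on the sensor segment so that the alert and the block agree.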
In the wake of the past several weeks of broad and damaging cyber-attacks, it’s important that we talk about proactive measures that small and medium organizations should consider to protect their environments. Many of my colleagues have articulated the damage and origins of the recent attacks: WannaCry & Petya. I find these insights extremely valuable for understanding the root and attribution of the malware itself. These publicized reports give organizations of all sizes context on the magnitude of the current and future damage that organized attacks of this type can deliver.
The small and medium business sector has the largest threat landscape for cyber-attacks. The potential damage to the hundreds of thousands of businesses in the USA is an alarming statistic. The questions small and medium businesses consistently ask are: What should I do to protect my company? And how can I afford the equipment, software and human resources required to truly become cyber prepared? Good news! There are options and practical real-world solutions available.
Many smaller organizations don’t have the internal resources to research both the industry standards and proprietary models to understand which cybersecurity approach is best. A best practice is to use a methodical, standards-based approach: build cyber awareness, develop a plan to improve, and implement a proactive monitoring solution as an appropriate start to cyber preparedness. Noted below are strategic and tactical plans that small and medium businesses should implement immediately.
- Cybersecurity assessment – understand your current posture to identify vulnerabilities
- Gap analysis – a comprehensive view of what needs improvement
- Plan of Action – a detailed, real-world and affordable improvement plan
- Continuous monitoring – become a proactive, cyber-aware company that knows when changes occur
Tactical recommendations for WannaCry & Petya variants:
- Ensure systems are patched and all antivirus programs are up to date
- Implement backup systems and determine if they are effectively configured
- Restore only backups that have been securely managed
- Isolate any unpatched systems
- Monitor all networks and device connectivity