Cert NZ’s 2021 Update – Cyber Attacks Are On The Rise
Cyber attacks have become increasingly common in recent years, and it’s no surprise why.
Cyber criminals continue to discover new and sophisticated ways of attacking our vulnerable data as we spend more of our lives online.
Cert NZ reported 1,431 cyber security incidents in its 2021 Quarter One (Q1) Report. 23% of these incidents amounted to a total direct financial loss of $3 million, a 7% increase from Q4 2020.
Phishing and credential harvesting (login and password theft) remained the most reported incident category.
Cert NZ Top 10 Critical Controls For 2021
Cert NZ is an organisation that reports, tracks and provides advice on cyber security incidents for businesses and individuals in New Zealand and worldwide.
Each year, Cert NZ provides a list of critical controls based on the most prevalent cyber attacks in the last 12 months. These controls are designed to help you determine where to best spend your time and resources protecting your business against fast adapting cyber threats.
Based on the most recent 2021 data, Cert NZ has introduced two new controls:
1. Provide And Utilise A Password Manager
Working remotely has become a new way of life for many of us, reshaping the way businesses operate. Password managers have soared in popularity in recent years, and now there’s even more of a push for businesses to implement them to avoid cyber attacks which are so costly.
Many businesses are in the habit of using the same password across multiple accounts, and although it’s convenient, it also exposes them to multiple cyber breaches if that password becomes compromised.
To combat this, strong unique passwords per login are a simple, yet powerful cyber security measure. However, it’s important to keep these passwords away from prying eyes.
Password managers provide the highest level of security and convenience by allowing you to store and manage all of your sensitive login credentials in an encrypted digital vault.
For advice on how to find the right password manager for your business, contact us today.
2. Secure Internet-exposed Services
As more people are working from home, the need to access internal systems from external networks, via the internet, has opened many businesses up to cyber threats.
With rising cyber attacks, Cert NZ has emphasised the importance of securing internet-exposed services. These services could include emails, remote access to networks, cloud storage and databases.
It’s advised that you disable and remove any unused or unnecessary services that are exposed to the internet. If you require these internet-exposed services, make sure to install multi-factor authentication and ensure the service is kept up-to-date.
Along with these new controls, Cert NZ has continued to update and put significant importance on their existing critical controls:
3. Patch Your Software And Systems
A common strategy for cyber attackers is to target vulnerable software that has not been updated. This is why patching your software remains one of the most cited controls on Cert NZ’s list.
We touch on this in our blog A Cyber Security Guide to Legacy Systems, where we highlight the security risks involved with running legacy systems.
4. Implement Multi-factor Authentication And Verification
Passwords are no longer enough to protect against cyber attacks.
Multi-factor authentication (MFA) effectively safeguards against unauthorised access by introducing a second step to authenticating a user’s identity. An example of MFA could be a password (1st factor), and then a security key/code (2nd factor).
MFA adoption in business has been emphasised by Cert NZ as security incidents continue to rise every year. It may take time to get your system configured and to educate users on MFA, however, this extra protective measure could save your business from future cyber attacks.
5. Configure Logging And Alerting
Logs are an effective method of tracking where, how and when an incident occurred so it can be resolved quickly.
Although storing your logs can generate a lot of data, having it in a central place can give you clarity on your environment, and allow you to act quickly when incidents arise.
6. Implement And Test Backups
Give your business the best chance to recover lost data after an incident by maintaining regular data backups.
While it’s important to have preventative measures in place to protect your data, it’s also important to prepare for potential data loss. This will help your business rebound quicker from any incidents, so you can return to business as usual with minimal disruption.
7. Implement Application Allowlisting
Application allowlisting, or otherwise known as whitelisting, is a security capability that allows only trusted files, applications and processes to be run in your environment.
This reduces harmful security attacks and ransomware incidents that arise from unintentional downloads and malicious email attachments. You can fulfil this security control through advanced endpoint security solutions that execute allow listing processes automatically.
8. Enforce The Principle Of Least Privilege
The principle of least privilege is to provide employees with the least amount of access to the system needed to complete their job.
This lowers the level of access a potential attacker could have if they gained unauthorised access into a user’s account, thus lowering the impact an incident could have on your business.
Not only is this beneficial for employees by avoiding excessive permissions that aren’t necessary, but it also provides more clarity on the systems in your environment and how users access them.
9. Implement Network Segmentation & Separation
Network segmentation and separation provide another layer of cyber protection by partitioning a large network into smaller networks with additional security measures.
A segmented network minimises the impact an attacker could have when compromising your environment, as it makes it more difficult for them to access sensitive data and move undetected across networks.
10. Set Secure Defaults For Macros
Macros are built into office productivity applications to automate routine tasks.
The purpose of macros is to improve productivity, but due to their versatile nature, they can also be hijacked by cyber attackers to trick users into downloading and running malware.
It’s important to have secure configurations set by default so you only run trusted macros in your environment.
Get Advice On How To Protect Your Business With A Cyber Security Assessment
With cyber-attacks on the rise, it’s never been more important for you to start implementing cyber smart systems. You may be aware of this rising threat, however, you may not know where to start in terms of protecting your systems, data and information.
At Great Outcomes, our goal is to educate and inform our readers on how to protect their sensitive business data through recommended cyber security measures.
Get in touch with us today for advice or to get a cyber security assessment on your business.