Top Ten CyberSafe Tips

Cybercriminals have many ways of targeting and accessing sensitive information on personal computers and corporate networks. Because cybercriminals are able to monetize their attacks for millions of dollars, there is strong incentive for them to continue to attempt to steal information and sneak past security controls. In most cases, the difference between keeping computers safe and becoming the victim of a costly data breach comes down to whether the targeted employees recognize the warning signs of an attack or not. We’ve developed a list of cybersecurity tips that we built up from experiences managing security events for professionals and businesses internationally to help you avoid becoming a victim.

Top Ten Cybersecurity Tips:

1. Think before you click!

Cybercriminals will often use recent news stories, popular topics, and shock factor to get you to click on their malicious links in email, text and chat messages. Keep yourself in the know and don’t fall for their tricks. The malicious emails may appear to come from an email address that you know or from a very similar email address that is one character away from the real account. Keep an eye on the sender of emails and double check the spelling.

Malicious links can cause damage on your devices in many different ways—make sure you look at links sent to you and check if the sender is someone you trust. On a desktop computer, hover your mouse over the link to see where it really goes. On a mobile device, try copying the URL from the link and pasting it into another message to inspect it. You can test a suspicious URL by pasting it into VirusTotal.com to check against many different security providers. If a message seems out of character or out of the ordinary from what you expect from that contact, refrain from clicking on the link.

2. Don’t re-use the same passwords

Reusing passwords opens you up to additional vulnerabilities because if a hacker gets access to one password, they will be able to double-dip into whatever accounts they can find that use the same credentials.

A Google study (link: https://research.google/pubs/pub48399/) done at the end of 2019 showed that 26% of users who were told a password was compromised in a data breach ignored the prompts to update their information. If your password has been compromised, it’s important to change it as soon as you can to stop any further damage to your accounts.

3. Use 2-factor/multi-factor authentication

Multi-factor or 2-factor authentication adds another layer of account security to protect your information. Even if a cybercriminal cracks your password, they won’t be able to get into your accounts because they won’t have access to your second device. There are many options for multi-factor authentication. If you have an option between receiving one-time use codes via text message/phone call or generating the codes using an authenticator app, always choose the authenticator app.

Criminals have been known to hijack your cell phone number by convincing your mobile phone carrier to port your number to the attacker’s phone in order to receive text message codes or phone calls at your number and bypass multi-factor authentication. Authenticator apps are much harder for attackers to overcome. If you receive unexpected prompts to enter your multi-factor authentication code when you didn’t try to log in, or phone calls asking for the code, recognize that someone is trying to trick you and don’t give them the codes. It probably means that your password has been stolen, so it’s a good idea to change your password right away.

4. Back up your data

Backing up your data ensures that you always have a copy of your important information. When naming your backups, be sure to use a name other than “backups” because this puts a large target on your files, making it easy for attackers to find them and possibly delete or corrupt the files. The best strategy is to keep your backup files in an off-site secure location so that ransomware attackers can’t encrypt your backups. That way, if one of your devices is compromised, your backups will be safe on the other device.

5. Be careful shopping online.

Since at least 2010, cybercriminals have been using e-skimming to capture credit card information from online shoppers by injecting malicious code into the checkout pages of e-commerce websites. A great way to combat this is to use a virtual credit card that can generate a one-time use card number when shopping online. That way, if criminals steal the card number, it won’t charge against your account.

If you operate an e-commerce business and your website accepts online payments, consider outsourcing payment collection completely to a trustworthy payment processing site that hosts all of the files. If you host the payment processing page yourself, monitor all of the HTML and JavaScript files closely for any unexpected changes.
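One way to monitor self-hosted checkout files for unexpected changes is to hash them at release time and compare on a schedule. This is an added example, not part of the original article; the file names and the temporary site directory are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

WATCHED = {".html", ".htm", ".js"}  # file types named in the tip above

def snapshot(root) -> dict:
    """Map each watched file's relative path to its SHA-256 digest."""
    root = Path(root)
    result = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.suffix.lower() in WATCHED:
            digest = hashlib.sha256(p.read_bytes()).hexdigest()
            result[p.relative_to(root).as_posix()] = digest
    return result

def diff(baseline: dict, current: dict) -> dict:
    """Report watched files added, removed or modified since the baseline."""
    shared = baseline.keys() & current.keys()
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(k for k in shared if baseline[k] != current[k]),
    }

def demo() -> dict:
    """Build a constructed site, take a baseline, tamper with it, and diff."""
    with tempfile.TemporaryDirectory() as d:
        site = Path(d)
        (site / "js").mkdir()
        (site / "checkout.html").write_text("<form id='pay'></form>")
        (site / "js" / "checkout.js").write_text("submitPayment();")
        (site / "logo.png").write_bytes(b"\x89PNG")  # not a watched type
        baseline = snapshot(site)
        # Simulate the changes an e-skimmer injection would leave behind.
        (site / "js" / "checkout.js").write_text("submitPayment(); /* unexpected edit */")
        (site / "js" / "extra.js").write_text("// file not in the approved release")
        return diff(baseline, snapshot(site))

if __name__ == "__main__":
    print(demo())
```

Store the baseline somewhere the web server account cannot write, and treat any non-empty result outside a planned deployment as an incident to investigate.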

6. Don’t open Remote Desktop to the Internet

If you need to access your home or work computer from another location, do not simply enable Microsoft Windows’ Remote Desktop (RDP) access and allow it to listen for incoming connections from anywhere on the Internet. RDP allows attackers to see your username and guess as many passwords as they like until they succeed at logging in.

Instead, for corporations, set up a Virtual Private Network (VPN) server that uses strong encryption along with multi-factor authentication and client certificates to only accept login attempts from known computers. Then, allow employees to connect to an RDP Gateway server only after successfully connecting to the VPN. For home or small office remote access, there are several reasonably secure options such as GoToMyPC, LogMeIn, and TeamViewer. It is critically important to use a strong and unique password and enable multi-factor authentication for any remote computer access system, because cybercriminals will almost certainly try to break in that way.

7. Use and keep up with your computer and virus scanner updates

Antivirus is the bare minimum you should have to keep your computer more secure when faced with cybercriminals and cyberattacks. Whether you use a Mac or a Windows PC, make sure you keep up with updates. Many updates that are pushed out include a variety of changes, such as repairs for security holes that were discovered and fixes for bugs.

Cybercriminals study the updates to discover which parts of the software were patched and then create malicious software to exploit those flaws. That’s why updates should be installed as soon as possible after they are released, especially for any server connected to the Internet—it is often only a matter of a week or two before attacks against unpatched computers will begin.

8. Avoid public/unsecured networks

The number of at-home workers rose significantly in 2020, which brings along its own security concerns. When connecting your work computer to a network, make sure it’s a secure and trusted network. Try to avoid connecting to public WiFi: the biggest threat is that hackers can put themselves between your device and the access point, allowing them to access every piece of information you send out, or to redirect you to fake websites to capture the information you enter.

To safely use a public WiFi access point, use a Virtual Private Network (VPN) on your laptop and smart phone, and make sure that it is set to block all network communication unless the VPN is connected. A VPN creates an encrypted “tunnel” to get your network traffic safely across the public WiFi and the Internet to the VPN server. As long as the VPN server is operated by your company, or you use a trustworthy and reliable VPN service provider, your network traffic is much safer. Beware of very cheap or free VPN services offered by companies without much of a reputation or based in foreign countries – some of these are actually a trick to monitor all of your network traffic, putting you in an even worse position than using public WiFi! Read this article before choosing a VPN provider: https://www.computerweekly.com/news/252466203/Top-VPNs-secretly-owned-by-Chinese-firms

9. Never leave your device unattended.

Technical security is important, but physical security of your devices is just as essential. Don’t leave your devices unlocked or unsecured in a location where you aren’t present to monitor them.

10. Stay educated

There are many groups, newsletters, and other ways to keep up to date on the latest threat intelligence. Join a group of your industry peers to stay up-to-date and share information on a regular basis. Binary Defense offers Threat Watch (https://www.binarydefense.com/threat-watch), a daily newsletter that details the current threat landscape and current cyberattacks, offering helpful advice for each situation.
