Bad Rabbit: How to Secure Oneself Against a Cyber Attack
1) Make sure all the latest updates are installed on the system. Any operating system receives updates from time to time, many of which concern security. It is always preferable to use a system that has received the latest updates. This can substantially reduce the risk of a cyber-attack.
2) Think about which operating system to choose. Whatever objections Microsoft followers might have, Windows is significantly more vulnerable to unauthorized access and viruses than Mac OS or the various Linux distributions. It is not even because *nix systems have a better architecture (although many believe that they do); rather, because Windows is more widely used, it is more interesting to intruders. Therefore, it is fair to assume that if you buy a MacBook or install Linux on your computer, you reduce the risk. It is also safe to say that, in a business environment, a properly managed network of Linux computers is better protected from attacks than a network of Windows machines. Although here, of course, many caveats are possible.
3) Use good anti-virus software. This advice mostly concerns Windows machines, although the times when anti-virus software was not required for Mac OS and Linux are already gone. Be generous when buying a good anti-virus product, and do not use free ones. Companies that develop expensive anti-virus programs take care of their reputation and try to respond to threats promptly by updating their products. Moving from Windows to *nix systems (Mac OS or Linux) is one of the ways to minimize the risks.
4) Deal with the consequences of Petya. The virus that attacked Ukraine in June was not the final stage of the attack but only preparation for subsequent attacks. Some experts reached this conclusion after studying how the virus works. During the cyber-attack, the virus activated a utility that used the Kerberos service in Microsoft Active Directory. This gave intruders privileged access to domain resources. This is a weak spot in the security of Microsoft Active Directory, inasmuch as there had been no such attacks before, and system administrators, as a rule, do not even think about changing the password of the “user” that is responsible for access to the authentication protocol. Theoretically, during the Petya attack, the intruders could have gained access to a system and generated a non-expiring password for access to it. This does not even require administrator permission. It means that they might still have access now and are merely waiting for the right moment to use it. It was only a preparatory stage, and the real attack might still be ahead. Experts recommend that system administrators of networks that were exposed to the attack change the passwords of all user accounts in the system, not to mention the password of the krbtgt user, which is responsible for access to the Kerberos service. Patches now exist that make gaining such access to the system more difficult. Once again, this points to the need to update the operating system on a regular basis.
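To see which accounts the recommendation above still applies to, an administrator can list every account whose password predates the incident. The script below is an added example, not part of the original article; it assumes the ActiveDirectory PowerShell module (RSAT) is available, and the `$IncidentDate` parameter is a hypothetical name for the date the compromise is believed to have started.

```powershell
param(
    # Assumption: the date the compromise is believed to have started.
    [Parameter(Mandatory = $true)]
    [datetime]$IncidentDate
)

Import-Module ActiveDirectory -ErrorAction Stop

$props = 'PasswordLastSet', 'PasswordNeverExpires'

# krbtgt is disabled by design, so fetch it by name; an "enabled" filter would miss it.
$krbtgt = Get-ADUser -Identity 'krbtgt' -Properties $props

# All enabled user accounts in the domain.
$users = Get-ADUser -Filter 'Enabled -eq $true' -Properties $props

$report = foreach ($account in @($krbtgt) + @($users)) {
    # PasswordLastSet is $null when the account must change its password at next logon.
    $stale = ($null -eq $account.PasswordLastSet) -or
             ($account.PasswordLastSet -lt $IncidentDate)
    if ($stale) {
        [pscustomobject]@{
            SamAccountName       = $account.SamAccountName
            PasswordLastSet      = $account.PasswordLastSet
            PasswordNeverExpires = [bool]$account.PasswordNeverExpires
            IsKrbtgt             = ($account.SamAccountName -eq 'krbtgt')
        }
    }
}

# Show krbtgt first, then the oldest passwords.
$report |
    Sort-Object -Property @{ Expression = 'IsKrbtgt'; Descending = $true }, PasswordLastSet |
    Format-Table -AutoSize

if ($report | Where-Object { $_.IsKrbtgt }) {
    # The domain keeps the previous krbtgt key, so tickets issued under the old
    # password remain valid until the password has been changed twice.
    Write-Warning 'krbtgt password predates the incident; reset it twice, allowing replication between resets.'
}
```

Accounts reported with `PasswordNeverExpires` set deserve attention first, since nothing will force their passwords to rotate on its own.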
5) Make backups. All critical data should have backup copies. In addition, specialists recommend keeping especially valuable information in storage that is not connected to the Internet. This reduces the chances of intruders getting it without physical access to the storage.
6) Users should be careful. The recommendation not to open attachments in emails from unknown senders has existed nearly as long as email itself. Nevertheless, attachments are still one of the most popular ways of spreading a virus. Representatives of the Ukrainian anti-virus developer Zillya recommend that system administrators forbid users from opening zip and .exe files from attachments. One should also be careful about following links from unknown senders. Sometimes this, too, is fraught with consequences.
7) System administrator’s vigilance. The role of system administrators in companies is vast. At the first signs of a cyber-attack, system administrators should disconnect the network from the Internet and also disconnect any storage holding critical data. At times, complete isolation is the best way to secure data.

About the author: Melisa Marzett is a writer who has a love for creativity and enjoys the process of writing guest articles. The topics vary, so she is up for any challenge when it comes to writing. At the present time, she writes for livecustomwriting.com, experimenting with different techniques (both web and print) and looking for more she could possibly use.