Experts advise how to effectively protect your business from cyber- attacks

Cyber-attacks are in the top 10 of the Global Risks and they will stay there for a long time. Continuously evolving cyber hacking tactics and tools, geopolitical turmoil is increasing the risk of cyber-attacks for both small and large businesses, according to experts from ACME Grupė and the group’s company, ACC Distribution. The companies’ experts advise on what to look for and what to do to protect yourself from cyber threats.

“We monitor the market and see that, despite the fact that the number of cybercrimes is decreasing, their effects are becoming more dangerous. Such incidents require more and more involvement of different authorities and more vigilance and protection measures for companies,” says Artūras Luckus, cybersecurity expert at ACME Grupė.

According to the Cybersecurity Agency, cyber intrusions are currently dominated by malware (viruses, suspicious programs that are difficult to identify and detect), followed by phishing, which seeks to collect data from individuals by inviting them to click on fake links. The third most popular cybercrime is the distribution of spam emails and misleading information to take advantage of people’s gullibility and extort data, logins and money.

According to A. Lucas, the popularity of cybercrime changes every year, and new methods of cyber-attack are constantly emerging. Sometimes even cybersecurity professionals find it difficult to recognise how the latest hacks work.

The EU’s Cyber Security Agency predicts that cybercrime will increase rapidly this year, mainly due to geopolitical crises. Therefore, to fully protect businesses from cyber-attacks, it is essential to analyse cyber risks in all business processes, from the employee chain to the protection of business data and the service chain. Relying on human awareness is not enough, it is essential to use technological solutions that filter and analyse systems using artificial intelligence and help prevent up to 90% of cyber-attacks from being hacked.

Employees are still the most vulnerable consumers

How can companies help their team members avoid cyber-attacks? It is acknowledged that employees are still the most vulnerable link in the event of a cyber-attack. Therefore, it is essential to ensure that your company has the right data protection measures in place and to educate your employees on an ongoing basis.

“For example, teams of ACME Group companies participate in the National Cyber Security Exercise, which simulates various situations. We also organise internal training sessions and reminder messages about examples of hacking incidents,” says Artūras Luckus.

He says that during his own training he always encourages people to be very critical of any information in email and on the internet: “You should not expect to be ‘hacked’, you should be prepared to be ‘hacked’.

Employee logins to systems. Do passwords solve everything?

Tadas Juškevičius, Head of Network Hardware and Security Solutions at ACC Distribution, says that to protect an organisation’s IT infrastructure, it is necessary to use additional means of authentication, such as MFA (Multi Factor Authentication).

“Secure access to an organisation’s IT network and data resources with multi-factor authentication should be part of every company’s security hygiene. These measures are also used for connecting to social networks, with the additional authentication of Google or Microsoft Authenticator applications. Multi-factor authentication provides additional protection against malicious attempts to access information in the company’s infrastructure or to install malicious software,” advises T. Juškevičius.

Tadas Juškevičius, Head of Network Hardware and Security Solutions at ACC Distribution

Multi-factor authentication products for businesses currently on the market ensure that employees have a secure connection to the network: “These are solutions that use the DNA of the phone for additional authentication, so that if the administrator has registered a login with this unique phone, no other person can log in with their smartphone.”

What should secure enterprise software hygiene look like?

“I would compare corporate security to an onion. Just like an onion has several peels, the security of a company, its protection against threats, must consist of several layers,” T. Juškevičius, Head of Business Solutions at ACC Distribution, illustrated the comparison.

Three levels of antivirus software are popular on the market. Level 1 anti-virus software monitors your computer for known virus signatures. Virus signatures are collected in databases, some of which may be public and shared, while others are hosted in private databases.

The second type of antivirus monitors suspicious apps and places them in a special sandbox where it monitors the app’s actions, for example, whether the app tries to connect to suspicious websites. Viruses are usually intelligent, analysing whether they have been placed in special containers or whether they have already appeared on a computer where they can start working. Ways of avoiding viruses can include delaying execution, detecting hardware, checking CPU temperature, user interaction (keyboard and mouse clicks).

The third type of antivirus analyses the processes running on your computer using artificial intelligence and blocks suspicious processes.

The perimeter of organisations is typically protected by firewalls, ideally complemented by the three levels of anti-virus software protection listed above. In other words, these anti-virus software tools are installed together with the firewall, so that all passing internet traffic is protected from a wide range of threats. In this way, computers and servers inside organisations are protected. And what if an employee is remote?

If you work remotely and connect to systems over the public internet, even with passwords, your computer, and the data it contains are only partially protected. That is, corporate firewalls do not provide protection for employees working remotely. When an employee works from home, the same level of protection needs to be built into the employee’s computer as is provided by the firewall and the ancillary tools that protect against malicious activity on the corporate network.

“In order to make the right choice of computer protection programmes, it is advisable to use international ratings. Some organisations test and rank anti-virus software, such as the AV Test Institute (https://www.av-test.org). “Avast, Norton, ESET, Bitdefender stand out for their parameters and are at the top of the TOP list of tested applications. They are also usually in the top ten recommended antivirus programs worldwide”, says the interlocutor.

It should be kept up to date with software updates and have a multi-level security system in place, such as VPN (Virtual Private Network) for employees to connect to the company’s IT resources, workstation anti-malware software, Multi-Factor Authentication (MFA) and DNS filtering.

Whether the workplace is remote or not, it is important to keep the programs and applications on your computers up to date with the latest versions. Many security experts regularly analyse security vulnerabilities in existing software packages and make this information publicly available. On the one hand, this is good for manufacturers to correct security flaws, but on the other hand, this publicly available information can and is used by individuals with malicious intent in cases where organisations do not take care to update their software.

If the software is not updated in time and security vulnerabilities are exploited by criminals, the result can be catastrophic, according to T. Juškevičius. It is understandable that users need to concentrate on their immediate tasks and not be distracted by constant updates. This can be done for them centrally by dedicated software that automatically updates the software (Patch Management).

According to the ACC Distribution specialist, an additional tool that is very valuable and impactful is software that checks Internet addresses in e-mail messages, i.e. DNS filtering. This software assesses whether a link in an e-mail is safe. It is now quite common to try to deceive employees by sending them misleading links, for example, micrsoft.com is replaced by the false address micrasoft.lt, which redirects the person to a malicious website. This is prevented by a program that checks the authenticity of addresses and blocks access if it finds that the website “behind the link” is malicious.

Organisations need to regularly create local backups of information stored on servers, PCs and in the cloud (OneDrive, Google Drive) and store them not only locally but also on remote NAS servers.  Several NAS manufacturers on the market offer free software along with their hardware, enabling regular backups to be made and stored on remote NAS servers and, in the event of a cyber-attack, to restore the encrypted information within a timeframe acceptable to the business.