How to make a company “invisible” to hackers


Article by Comodo Security A/NZ Vice President Greg Wyman.

Crucial to any business is how to stop a cybersecurity breach AND the damage it causes within the budgets available.

Businesses of all sizes need to have the “right” security in place to ensure hackers bypass their business and attack another victim. This process is often referred to as making a company “invisible” to hackers.

In the rush to enable work-from-home as quickly as possible, many users have connected to the internet via insecure home WiFi. This has created a unique opportunity for hackers and attackers to penetrate and infect these computers.

The situation is potentially even worse as these infected computers are then brought back into the office and plugged directly into the corporate network behind the firewall, giving hackers direct access to the entire network.

Every week we hear that another multinational has been attacked, its data stolen, a ransomware attack launched, and customers extorted. This makes headlines because of the size and severity of the breach, but these breaches do not represent most attacks.

Small and medium-sized businesses are at the greatest risk of cyberattacks as they typically only have basic AV (Anti-Virus) or NGAV (Next Gen Anti-Virus) and possibly EDR (Endpoint Detection and Response) products installed – making them ‘easy’ targets for hackers and malware.

A small business often doesn’t fall victim to a targeted attack. Instead, hackers try to infect as many (small) businesses as possible using a “spray and pray” methodology – it’s quite simply a volume game.

The more companies they infect, the greater the chances that they will make money. Recently, ransomware demands have started at $50,000 to $100,000, even for micro businesses with just a handful of computers.

Hackers see the economics: it’s harder to breach, steal data from, and launch a ransomware attack (typically worth between $2 million and $10 million) against an organization that spends hundreds of thousands or even millions of dollars on cybersecurity. A large company may even have a SOC (Security Operations Center) with a dedicated team of security experts on the lookout 24/7 for signs of a breach.

On the other hand, it’s relatively easy for a hacker to infect 10, 50, or 250 small businesses with basic AV and bill them over $50,000 each. In fact, another victim is infected with ransomware every 10 seconds, according to Infosecurity Magazine. That raises the question: how effective is your cybersecurity product at protecting you?

The reality is that it is mathematically impossible to be 100% breach-proof, no matter how much is invested in cybersecurity. There are simply too many attack vectors, and when combined with the attackers’ ever-increasing capabilities, it becomes problematic.

Even the most inexperienced attacker can now “rent” a SaaS model for ransomware on the dark web. It’s called Ransomware-as-a-Service and it starts at just $100 per month, making it daunting for customers and MSPs alike.

The main problem is that hackers can evade detection by traditional AV and NGAV products, essentially opening doors and windows for a hacker to find out what the company has, steal its data, and launch a ransomware attack.

All is not lost; we simply need to get back to basics, understand the new problems, and implement affordable solutions to minimize those problems. The goal for a small to medium-sized business is to become as “invisible” to a hacker as possible.

This involves moving from “old-school” detection-based cyber security products to prevention-based solutions designed to stop the damage being done.

The example below focuses on small to medium-sized businesses with limited budgets and minimal security skills. The same solutions can of course be used in medium to large organizations, combined with additional layers of defense, because those organizations are exposed to more focused and targeted attacks.

The three pillars of a prevention-based cybersecurity solution that helps make an organization “invisible” are:

  • Know what you have and which devices/applications have vulnerabilities that a hacker can exploit. Goal: Close the doors and windows to make it difficult for a hacker to see and exploit the business. Run continuous, always-on vulnerability scans across your internal and external networks.
  • Understand what data is regulated, private and sensitive, and what its value is; track how it moves and where it flows in and out, with optional encryption of the data once it’s no longer actively needed by the business. Goal: If a breach occurs, the vast majority (often more than 96%) of the data a hacker steals is encrypted and has no value to the hacker.
  • Deploy prevention-based security, which prevents ALL unknown malicious files from being written to disk, to replace “old-school” detection-based AV and NGAV products. Goal: Stop the damage before infection occurs without impacting productivity.

A company might not be completely invisible, but it becomes exponentially harder for a hacker to break through, and the goal is for the hacker to move on to the next victim. As a guide, each base tier should cost less than $5 per endpoint per month, with options available if more advanced protection is required.
