{"id":746462,"date":"2022-10-20T12:16:37","date_gmt":"2022-10-20T11:16:37","guid":{"rendered":"https:\/\/pulse.microsoft.com\/?p=746462"},"modified":"2022-10-21T09:37:20","modified_gmt":"2022-10-21T08:37:20","slug":"fa2-a-guide-to-boosting-cybersecurity-in-your-environment-with-multi-factor-authentication","status":"publish","type":"post","link":"https:\/\/pulse.microsoft.com\/en\/work-productivity-en\/na\/fa2-a-guide-to-boosting-cybersecurity-in-your-environment-with-multi-factor-authentication\/","title":{"rendered":"A guide to boosting cybersecurity in your environment with Multi &#8211; Factor Authentication"},"content":{"rendered":"<p>You are the CEO of a large organization. It\u2019s Saturday evening and you\u2019re at home alone. When suddenly\u2026<\/p>\n<p>Your phone rings!<\/p>\n<p>It\u2019s your CISO. \u201cSomething terrible is happening,\u201d they say. \u201cWe\u2019re being hacked, right now!\u201d<\/p>\n<p>The attack has already paralyzed all your system and admin accounts \u2013 forcing multiple virtual machines within your Azure cloud environment to become activated and start using large amounts of data.<\/p>\n<p>What do you do?<\/p>\n<h2><strong>How does it start?<\/strong><\/h2>\n<p>If you think this scenario sounds unlikely, then think again. It\u2019s much more common than you imagine. Cyberattacks are an increasingly ordinary occurrence in today\u2019s business world. They\u2019re also often extremely easy to trigger \u2013 even a simple phishing email can cause them. Someone accidentally clicks on a link, and if you or your organization haven\u2019t taken the right measures, the attacker will have an open window to get in and take over.<\/p>\n<p>&nbsp;<\/p>\n<p>Criminal organizations are often just as well organized as your average multinational company. One department is responsible for sending phishing emails, while another does research on people \u2013 selecting who to target based on their vulnerability. 
Meanwhile, there\u2019s a specific division developing ransomware to encrypt data, and another tasked with negotiating and placing initial offers with the victim.<\/p>\n<p>&nbsp;<\/p>\n<p>All of these are cells that work together on an outsourcing model that is highly professional and aimed at major victims, especially lately. We&#8217;ve recently seen a major shift from scattershot campaigns to targeted operations, because the larger the fish, the higher the income.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Intruders<\/strong><\/h2>\n<p>Hackers don&#8217;t have to hack, they just log in. Once your username and password have been stolen, the hacker is inside your network. Some criminals know a particular network even better than the system administrators themselves.<\/p>\n<p>&nbsp;<\/p>\n<p>You don&#8217;t see them. They just stay under the radar until the moment comes to strike. As a person receiving regular emails, you should always be on your guard. You should be able to recognize a strange email as soon as you get it.<\/p>\n<p>&nbsp;<\/p>\n<p>However, hackers are becoming more and more skilled. Sometimes it\u2019s easy to miss something potentially malicious. They might use psychological tricks, such as artificial time pressure, to push you to click. So if you ever do click on the wrong e-mail, make sure that the impact is limited. Continuously backing up your files and data points is a proven, well-functioning defense strategy. You avoid losing everything, and at the same time you guarantee continuity.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>The first line of threat protection starts with Multi-Factor Authentication<\/strong><\/h2>\n<p>Endpoint protection starts with Multi-Factor Authentication (MFA). This means that every account within an organization should be protected with multiple types of identity protection. 
Priority should be given to Administrative and Systems accounts, which are more often targeted.<\/p>\n<p>Safeguarding these accounts is your first line of defense to protect your (cloud) environment and improve your cloud security posture.<\/p>\n<p>Using MFA on admin and system accounts is just one of many initiatives you can implement. It\u2019s also important to think about the rights these accounts need. Does an admin account need access to other (public) networks? Are the rights of a system\u2019s accounts still valid after many years?<\/p>\n<p>Have you created a \u2018broken glass\u2019 account for worst case scenarios?<\/p>\n<p>A lot of thinking and planning is needed when it comes to keeping your environment safe.<\/p>\n<p>&nbsp;<\/p>\n<p><iframe loading=\"lazy\" title=\"Protect your Environment with MFA and Breaking Glass Accounts\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube-nocookie.com\/embed\/2OELa_3RnT8?feature=oembed&#038;enablejsapi=1&#038;origin=https:%2F%2Fpulse.microsoft.com\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<h2><strong>We\u2019re here to help<\/strong><\/h2>\n<p>At Microsoft, we understand that all this can be slightly overwhelming. But we\u2019ve got you covered. To help you prevent data loss and secure data, we\u2019ve created content on how to protect your environment.<\/p>\n<p>The video above gives you an overview on how to enable MFA on admin accounts and on how to create broken glass accounts. We also show you how to monitor these accounts and manage non-used MFA accounts. 
There is also a presentation that you can download with further tips and tricks.<\/p>\n<p>And, last but not least, we wrote a whitepaper about the nine basic rules you can implement to keep your environment and your users safe against hackers.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You are the CEO of a large organization. It\u2019s Saturday evening and you\u2019re at home alone. When suddenly\u2026 Your phone rings! It\u2019s your CISO. \u201cSomething terrible is happening,\u201d they say. \u201cWe\u2019re being hacked, right now!\u201d The attack has already paralyzed all your system and admin accounts \u2013 forcing multiple virtual machines within your Azure cloud [&hellip;]<\/p>\n","protected":false},"author":665,"featured_media":746466,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"class_list":["post-746462","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","specials-work-productivity-en","stories-how-can-i-work-secure","stories-working-secure-en","businessPriorities-modern-workplace"],"_links":{"self":[{"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/posts\/746462"}],"collection":[{"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/users\/665"}],"replies":[{"embeddable":true,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/comments?post=746462"}],"version-history":[{"count":5,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/posts\/746462\/revisions"}],"predecessor-version":[{"id":746809,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/posts\/746462\/revisions\/746809"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/media\
/746466"}],"wp:attachment":[{"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/media?parent=746462"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pulse.microsoft.com\/en\/wp-json\/wp\/v2\/categories?post=746462"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}