The ugly truth about cyber security

In the first half of 2017, IT specialists experienced
2 epochal shocks: WannaCry and Petya. These malicious programs encrypted data on computers running Microsoft Windows and demanded money for decryption. At the same time, the creators of viruses initially did not intend to provide this “service”. If someone transferred money in the hope of receiving a magic decryptor key, he was left not only without data, but also without money.
Most organizations greatly appreciate the advantages of electronic document management and therefore actively build the muscles of their IT systems. But until recently, few people prioritized the issue of cyber security. That is why not all of them passed the battle test that WannaCry and Petya arranged. These two massive targeted attacks clearly demonstrated the vulnerability of the information systems of Ukrainian enterprises. And finally, the issue of cyber security began to be considered seriously.
Cyber security is part of the information security of any organization. But its effectiveness depends not only on the software and equipment used. No matter how hard IT specialists try, no matter how strict measures they take, no matter how sophisticated protection measures they install, in any, the most reliable protection, there is always a weak link – users.
Do you know why, for example, Petya did not hit everyone? Elementary human factor: the accountant got sick or went on vacation, so the computer was not turned on and the malware was not activated.
However, the opposite also happens. For example, the system administrator of one large company recorded the spread of a virus within the enterprise. For a long time he tried to find out whose computer was the source of the infection. Found I ran to this user and found that he had been sitting for two hours and watched as the icons moved on their own on the desktop of his computer.
This surprised and amused the user. But it was not alarming. Therefore, he did not even think to inform the system administrator about strange actions on his car. And all the while, while he was enjoying the contemplation of flying icons, his PC was infecting other devices within the corporate network.

What have Ukrainian companies learned thanks to the recent mass cyberattacks?

Of course, cyber security will be perceived as priority #1. We recommend that such companies, first of all, make an inventory of all elements of the company’s IT system in order to understand what “holes” need to be closed. Next, it is necessary to conduct an audit of existing policies and rules for handling information, update them, regularly improve them, and require personnel to comply with the norms of these documents. This is the only tool today that can curb the ubiquitous human factor. It will not be possible to completely get rid of it, but it is quite possible to reduce its influence to a minimum.
The third stage is to properly set up the information system (scheme for building a local data transmission network, build a competent perimeter at the border of local and global networks), implement and use a unified threat management system, segment the local data transmission network, regularly backup data. These measures in a complex will prevent attacks or restore the operation of the enterprise with minimal losses.
There is no single simple silver pool.
This is the bitter truth.
Ivan Zimin,
technical director of IT-Solutions