In a time of war, it’s important to stay secure

Credit to Author: Susan Bradley| Date: Mon, 28 Feb 2022 06:09:00 -0800

As Russia invaded Ukraine, seeing the disruption in the world occur in near real time on social media brought poignancy to what was happening. While I don’t know anyone in Ukraine, I know many people who have friends or family members that have been impacted by the war. Ukraine has many technology ties around the world. It’s also been a source of cyberattacks, which is why there’s extra concern about what we can do to protect ourselves in case of attack. (Eastern Europe has often been the source of many of the ransomware attacks that occur around the world.)

So what can tech users do to ensure you protect yourself from possible cyberattacks arising from the conflict?

First off, don’t try to turn yourself into a denial-of-service attacker to go after various targets. (It’s most likely against the terms of service of your ISP to launch attacks against other countries.) But there are steps you can take to ensure you’re not encouraging cyberattacks — or falling victim to them.

Start by making sure you have an external hard drive and an offline backup. Various ransomware groups have indicated that if any entity or firm attacks Russia, they would take counter measures. So, be sure  you have a recovery plan that doesn’t include paying a financial ransom to these firms. Even if all you have is a single computer, whether you run Windows or macOS, you should have an external drive to store copies of the documents and files you’ll need. I typically purchase an inexpensive external drive that is connected via a USB cable. Then, I either purchase third-party backup software or use the native process to back up my system. If I have a laptop from a standard vendor — and that vendor posts all of the hardware drivers online long after the laptop’s warranty has expired — I typically avoid doing a full traditional backup, including imaging. Instead, I focus on ensuring I can recover the data on the device.

In fact, I might not store data on the laptop at all; if there’s some sort of cloud storage option enabled, I save to that location first. The situation is different in the office, where I might need to get a desktop or a laptop back up and running as soon as possible; there, I’d have a full backup of the system so I can replace the hard drive if need be and get right back to work.

With Windows 10 and 11 systems, you’ll want an SSD hard drive. For these operating systems in particular an SSD as your boot drive is basically mandatory. (You will have a less-than-ideal experience if you use an older, mechanical hard drive, and they’re prone to failure.) At the office, I keep spare blank SSD drives so I can quickly restore a system and get it functional again.

Next, review what exploits are in active use and whether you’ve got patches installed to protect yourself. The Cybersecurity and Infrastructure Security Agency has put together a listing of vulnerabilities under active attack. If you carve out the vulnerabilities just for Apple and Microsoft (as I have done here) you’ll want to install the February updates to your iPhones, iPads, and any other Apple devices. That will ensure you’re protected from the zero-day, use-after-free memory corruption bug in the WebKit rendering engine. (WebKit powers Apple’s Safari browser.)

On the Microsoft platform, ensure you’re up to date through the January updates to protect your systems from a Win32 bug that is under active attack. In fact, I’d recommend that you install updates through February, as this includes fixes for patch-induced bugs in January. The February Microsoft updates have not caused any major issues, so they should be safe to install. Also make sure your Office is up to date. Phishing attacks are a key way ransomware can enter your system — pay attention to patching Office and be wary of opening emails.

Businesses need to pay extra attention to on-premises SharePoint and Exchange systems. These two platforms have been in the crosshairs of attackers so make sure the November updates are installed for Exchange deployments. For those that have on-premises SharePoint on older platforms, be sure you are patched for various 2020-era SharePoint vulnerabilities.

Bottom line: bolster your defenses to ensure that you don’t fall victim to any cyberattacks that may emerge and are protected from ransomware. The small steps we can all take to protect our systems can go a long way to helping the larger community fend off attacks.

http://www.computerworld.com/category/security/index.rss

Leave a Reply