When computer systems are outdated, the chance of experiencing some form of cybersecurity breach dramatically increases. What risk does this pose to legal aid firms and how can you protect your organization?
Know the Risks
The media frequently reports high-profile data breaches at well-known organizations, because cyber criminals choose to target those businesses for financial gain. But any business can be a target, even a legal aid office, and there are significant risks to your organization’s reputation and finances, not to mention possible federal legislative penalties if confidential data is breached. The most common threats include:
Ransomware – Malicious software that is loaded onto a computer or server with the intent of extorting money. It usually attempts to lock users out of their documents and files, and the hackers demand payment to a Bitcoin address to unlock the files.
Data Breach – This is when private (often confidential) information is deliberately targeted to be made public or sold. There is a major risk of reputational damage if confidential data is made public or sold on the black market.
Fortunately, there are a number of prevention techniques that can help you protect your organization from a cybersecurity breach. These include:
1. Update Your System
To help prevent cyber attacks, your systems should run on a modern, manufacturer-supported operating system (OS). The hardware used within your IT infrastructure and your software must also be kept up to date.
Operating systems – Products such as Microsoft Windows have a set life cycle where the manufacturer will actively support the OS for a specified number of years. Being aware of the key dates of the software life cycle can help your organization make informed decisions about when to update, upgrade, or make changes to critical software. OS manufacturers offer technical support, security updates, service packs, and technical enhancements to their products.
When an OS becomes “end-of-life”, the maintainers cease further development and stop creating security updates. As the software falls out of date, it becomes an easy target for hackers wanting to exploit the OS. It is important not to have any systems that run obsolete operating systems. On desktop PCs, Windows XP and Vista have become obsolete in recent years, and Windows 7 soon will be. Server platforms running any OS prior to Windows Server 2008 R2 are also end-of-life.
Windows Server 2008 R2
Windows Server 2012
Windows Server 2016
End of Life Date
Unpatched operating systems and software – Applications still being supported will receive regular monthly updates from the manufacturer. These typically include security fixes and server hardening updates, and they can protect your system.
When the “WannaCry” ransomware was released in May 2017, it exploited a “hole” in the Windows operating system which allowed the execution of unauthorized code. Microsoft was aware of this vulnerability in March 2017 and released KB4013389 to patch it. When the ransomware struck, a vast number of high-profile organizations had not updated their operating systems or antivirus software, resulting in widespread infection, financial losses, and thousands of hours of downtime.
Unpatched IT infrastructure – Computer and server hardware, as well as networking and storage infrastructure, has complex code built in which instructs the hardware how to operate. Manufacturers release microcode and firmware updates to harden the devices against attack. Arguably the highest-profile example of this is the Spectre/Meltdown exploit, which affects every Intel processor manufactured since 1995.
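An added example, not part of the original article: a small audit that checks an asset inventory against the operating systems named above as obsolete (Windows XP, Vista, soon Windows 7, and any server older than Windows Server 2008 R2). The CSV layout, host names and function names are assumptions made for illustration.

```python
import csv
import io
import re

# Oldest server release the article treats as supported, as (year, is_R2);
# tuple comparison sorts plain 2008 (False) before 2008 R2 (True).
OLDEST_SUPPORTED_SERVER = (2008, True)
# Desktop releases the article names: XP and Vista obsolete, Windows 7 "soon".
DESKTOP_STATUS = {"xp": "obsolete", "vista": "obsolete", "7": "expiring"}
SERVER_RE = re.compile(r"Windows\s+Server\s+(\d{4})(\s+R2)?\b", re.I)
DESKTOP_RE = re.compile(r"Windows\s+(XP|Vista|7|8\.1|8|10|11)\b", re.I)

# Constructed sample inventory (host names and CSV layout are assumptions).
SAMPLE_INVENTORY = """
host,os
frontdesk-01,Microsoft Windows XP Professional
intake-02,Microsoft Windows 7 Enterprise
attorney-03,Microsoft Windows 10 Pro
files-01,"Microsoft(R) Windows(R) Server 2003, Standard Edition"
dc-01,Microsoft(R) Windows Server(R) 2008 Standard
dc-02,Microsoft Windows Server 2008 R2 Standard
kiosk-09,Embedded build 4.2
""".strip()

def normalise(caption):
    """Strip trademark marks and commas that vary between OS captions."""
    cleaned = re.sub(r"\((?:R|TM)\)|[\u00ae\u2122,]", " ", caption)
    return re.sub(r"\s+", " ", cleaned).strip()

def classify(caption):
    """Return 'obsolete', 'expiring', 'ok' or 'unknown' for one OS caption."""
    text = normalise(caption)
    server = SERVER_RE.search(text)
    if server:
        release = (int(server.group(1)), server.group(2) is not None)
        return "obsolete" if release < OLDEST_SUPPORTED_SERVER else "ok"
    desktop = DESKTOP_RE.search(text)
    if desktop:
        return DESKTOP_STATUS.get(desktop.group(1).lower(), "ok")
    return "unknown"  # unrecognised caption: review by hand, never a pass

def audit(inventory_csv):
    """Return [(host, status)] for every host that is not 'ok'."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["host"], classify(r["os"])) for r in rows
            if classify(r["os"]) != "ok"]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

The status rules encode only the releases the article lists; a caption the patterns do not recognise is reported as "unknown" so it is reviewed rather than silently passed.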
2. Outsource to the Cloud
Many organizations struggle to keep up with the demands of maintaining an up-to-date IT infrastructure. An increasing number of businesses are choosing to outsource their IT services to a Managed Service Provider (MSP) or Cloud Provider. This is an incredibly effective method of preventing cybersecurity breaches, as the IT systems are managed by a third party that specializes in securing systems. The MSP is contractually obliged to patch the operating systems, patch the applications, and update the firmware and microcode on the associated hardware. Many MSPs also offer a managed service which incorporates antivirus protection, backups, and data protection. Data can be encrypted at rest and access restricted to authorized personnel only.
3. Educate Your Employees
It is every employer’s responsibility to ensure its personnel are aware of the techniques cyber criminals use to exploit systems, and to put in place preventative measures to improve data integrity. Educating employees from the top to the bottom is essential to ensure that they understand the basics such as:
Spoofing – When a third party maliciously impersonates a genuine IT system or device with the intention of launching attacks against networks, stealing data, or spreading malware. Spoofing can apply to emails, phone calls, or websites and is used to gain control of vulnerable systems.
Phishing – When a third party attempts to impersonate a genuine source and sends fraudulent communications. Typical examples include impersonating banks, insurance brokers, and legal firms. Often these are disguised within genuine-looking emails.
Whaling – A derivative of phishing in which the target is always a senior executive, CEO, company director, or high-profile employee. The main aim is to steal sensitive information, usually about the target or the target company.
4. Add Extra Security Layers
Another way to harden your organization’s security is to add extra security layers. Often, when you outsource IT operations to a cloud provider, the provider will already utilize a hardware protection layer which acts as a security gateway to your organization. Probes monitor and manage traffic on the network, looking for suspicious activity or compromised systems. Any part of the network can be isolated to stop infection should these fail-safes be breached.