Don’t Let Your Business Be Held For Ransom(ware) | #malware | #ransomware

The timing couldn’t come at a better time for threat actors or a worse time for everyone else. Since COVID-19 displaced workforces and many firms moved operations into the cloud as part of their overall digital transformation strategies, firms saw a massive uptick in the use of mobile devices—especially smartphones—to get work done. The problem is that this hybrid and/or remote workforce is relied on unmanaged devices and presented a very real risk to the firm and a very soft target for cyberthieves. Don’t forget, it only takes one compromised smartphone to wreak havoc on your business. Once the bad guys have installed malware on any given device, they could, for example, interrogate network traffic pre-encryption. If they installed a keystroke logger on the device, then they could intercept and harvest passwords or credentials. Let’s be clear: This means criminals could access your firm’s very sensitive and confidential client files.

Think it can’t or won’t happen to your business? Think again. Recently, the UK prime minister’s residence at 10 Downing Street fell victim to a major security breach after powerful spyware linked to the United Arab Emirates was found on a device. It is believed that the security breach took place in the summer of 2020 and was linked to the infamous Pegasus spyware—perhaps the most notorious example of malware. NSO Group’s Pegasus has been involved in many other very prominent attacks around the globe, including the UK’s Foreign Office and the mobile phones of Spain’s prime minister and defense minister more recently. And if it can happen there, it can happen anywhere.

Keep Your People Productive and Your Business Secure

Whatever the size or shape of your business, your people need to access both on-premises and cloud-based resources from any type of device and on any network. This will create many security headaches for your firm’s IT team. How are they expected to control who is accessing your firm’s infrastructure? How do they let people safely handle your sensitive data? How are people sharing that data? Fortunately, there are solutions that can help your firm alleviate the risk from ransomware attacks—right from any endpoint all the way through to the cloud.

Protecting your people against mobile phishing attacks is a solid first step, as this is a very common way for attackers to steal valuable login details. Behavioral analytics can provide a deep understanding of how your people behave online and on their devices, and can also help prevent malicious behaviors by searching for anomalies. Coupled with insight over your data, users, endpoints and apps, zero-trust access can also help ensure that your valuable data stays within your firm’s control.

Along with death and taxes, you can be sure that someone out there is measuring up your business’s weak spots in this perfect storm of remote work, reliance on smart devices and the fallibility of human nature. Some are predicting a mobile Armageddon. While this might be a little dramatic, a robust management strategy for all your devices and a robust security plan can help keep you safe.

Original Source link

Leave a Reply

Your email address will not be published.

20 − = thirteen