Introduction

In December 2020, a highly sophisticated cyberattack was discovered on commercial software developed by IT company SolarWinds. This global attack affected multiple federal agencies and technology contractors. By inserting a backdoor into the software, malicious actors were able to infiltrate SolarWinds’ supply chain. Attackers were able to access systems running the software, including customers who downloaded the Trojan Horse installation packages from SolarWinds.

 

In May 2021, a Colonial Pipeline Company employee found a ransom note from hackers on a control-room computer. A Darkside ransomware attack forced the pipeline to take their systems offline to contain the threat. By being forced to temporarily halt operations, this cybersecurity attack caused a major disruption to almost 50 million U.S. customers. In the end, the company authorized the payment of $4.4 million ransom because executives were unsure of the extent the cyberattack breach on its systems and how long it would take to restart the pipeline.

 

The continuously increasing cyberattacks demonstrate the need for cybersecurity practices to ensure operations, protect confidential information and ensure security – from private companies to governmental agencies.

 

Types of Cybersecurity

Cybersecurity is a practice of defending networks, devices, programs and data against instances that may interrupt or destroy the confidentiality, integrity, and availability of information. This includes protecting networks, devices, and data from unauthorized access. Types of cybersecurity that can contribute to a strong cybersecurity protection strategy may include:

 

Critical Infrastructure: Almost all critical infrastructure is connected to the Internet, such as water and gas. Consider the effect a cyberattack on critical infrastructure would have on your organization and plan accordingly.

 

Network Security: Secure the confidentiality and accessibility of data and networks by using both hardware and software systems.

 

Cloud Security: Cloud security is meant to protect data in the cloud, ensure regulatory compliance and protect privacy. This can also include authenticating access to information in the cloud for individual users and devices.

 

Application Security: Application security focuses on identifying, fixing and preventing security vulnerabilities of an application, such as websites. This includes secure coding, penetration testing and ethical hacking to find weak spots

 

Internet of Things (IoT) Security: The Internet of Things (IoT) is a collection of devices that are connected to the Internet, and include both critical and noncritical systems. These devices often lack security protections and can introduce threats to unaware users. IoT security is focused on securing these connected devices and networks, from printers to industrial machinery.

 

Antivirus Software: Antivirus software will scan files and the memory usage of devices to analyze patterns of activities that may indicate a high likelihood of malicious use of software, or malware. Performing periodic scans is one of the most effective ways to protect computers against malware.

 

Firewalls: Firewalls, which can be hardware or software-based, can block unwanted access and outside attacks. Hardware firewalls are physical, external devices installed between network connections and computers, modems or routers. Software firewalls are programs installed directly on devices that regulate traffic.

 

Trusted Website Certificates: Website certificates ensure that websites are using the proper level of encryption. This can often be seen as a small, closed padlock that can be found on the browser window. An encrypted website will also have a URL that starts with https, instead of http.

 

Cyber Threats

A cyber threat is a malicious attempt to damage or disrupt a computer network or system. The following are common types of cyber threats:

 

Backdoor Attacks

This is a cyber attack method where authorized and unauthorized users are bypass normal security measures and gain high-level user access to systems, networks or applications. Cybercriminals can use a backdoor for malicious activities, such as stealing data, installing malware and gaining control of devices.

 

Malware

Malware is malicious software designed to harm or exploit any device, service or network. Malware impacts the availability of critical assets and data which negatively impacts an organization’s daily operations. Malware includes viruses, scareware, worms, spyware trojans and adware.

 

Ransomware

Ransomware is when malicious software is installed by hackers. This software encrypts files making them inaccessible unless a ransom is paid to have them restored.

 

Spoofing

Disguising communication from an unknown source as being from a known, trusted source, such as an email address, sender name or website URL. Spoofed communications can lead the user to download malicious software or disclose sensitive information.

 

Phishing

Phising schemes often use spoofing techniques to trick users into providing personal information. These scams are designed to trick users into providing personal, financial or other confidential information to cybercriminals.

 

Eavesdropping

This occurs when cybercriminals steal information sent or received by a user by listening to private communications between unsecured network hosts.

 

Clickjacking

Hijacking a user to click on a link to another website, rather than the one they intended to visit. Clickjacking may involve routing the clicks or sometimes a user’s keystrokes.

 

Personal Cybersecurity Practices

Whether at home or in the office, everyone should apply cybersecurity practices to protect their personal information, personal devices and networks. The following are common and effective practices for improving personal cybersecurity:

 

1. Follow Email Best Practices

Individuals can reduce their exposure to threats by avoiding opening attachments or links from unknown senders. Verify the sender through secondary methods, such as a phone call asking in person. If the verification fails, delete the email. Verify website certificates before navigating to a site that has been embedded as a link via email.

 

 2. Safeguard Authentication

Strong authentification starts with safeguarding the network routers. Enable multi-factor authentication, security questions and trusted device identification. Disable the feature that allows websites to remember login information and passwords.

 

3. Stay Safe on Public Hotspots

Public places such as coffee shops, stores, hotels and airports offer wireless hotspots for customers to access the Internet. It’s often tempting to rely on local Wi-Fi networks to stay connected, however, because the underlying infrastructure and security is often unknown or weak these hotspots are susceptible to suspect activity. When possible, use the cellular network to connect to the Internet instead of public hotspots. If using public Wi-Fi, consider using a trusted virtual private network (VPN) that protect your connection from malicious activities and monitoring. Ensure to practice physical security in public places and don’t leave devices unattended.

 

Recommended Cybersecurity Standards to Reduce Cyber Risk

ISO 27001 –  Information Security Management System (ISMS)

ISO 27001 is the international standard that provides the framework for establishing, implementing, maintaining and continually improving an information security management system. ISO/IEC 27001 includes requirements for assessing and managing information security risks specific to the needs of the organization.  ISO 27001 is applicable to organizations of all sizes in every industry and assists with aligning activities with information security with best practices.

 

ISO 27004 – Security Techniques – Information Security Management

ISO 27004 is intended to assist organizations with evaluating their information security performance and the effectiveness of their ISO 27001 information security management system. Organizations can use ISO 27004 to measure the effectiveness of their ISMS implementation and their performance regarding information security objectives or metrics.

 

NIST 800-53

NIST SP 800-53 is a set of standards and guidelines for federal agencies and contractors regarding information security and privacy controls. These controls help safeguard information systems to maintaining the integrity, confidentiality, and security of federal information systems. Compliance with NIST 800-53 is a major component of Federal Information Security Management Act (FISMA) compliance.

 

Cybersecurity Maturity Model Certification (CMMC)

The Cybersecurity Maturity Model Certification, or CMMC, is a unifying standard for the implementation of cybersecurity across the Defense Industrial Base (DIB). This is to reduce of the risk of Controlled Unclassified Information (CUI) being exposed to unclassified networks, whcih in turn increases risk to national security. CMMC is designed to increase assurance to the United States Department of Defense (DoD) that a DIB can protect sensitive unclassified information, including information that flows down to their supply chain. The CMMC Model framework ranges from CMMC Level 1 to CMMC Level 5.

 

Doing Business with the Department of Defense (DoD)

All organizations in the defense contract supply chain handling CUI will be required to attain a CMMC certification between Level 1 and Level 3 to qualify for government contracts. The CMMC Certification Model is scalable and depends upon the sensitivity of DoD information it will work with. Government contractors can learn more about CMMC by clicking here.

 

The Future of Cyber Security

On May 2021, President Joe Biden signed an Executive Order which aims to improve the nation’s cybersecurity and protect federal networks. It is specifically aimed at strengthening U.S. cybersecurity defenses both in the public and private sectors. The Executive Order requires IT Service Providers to share certain breach information, Software Developers to maintain greater visibility of software and make security data publicly available.  An increase in the security of federal networks may mean that all federal government agencies, beyond the DoD, will require their supply chain to implement cybersecurity controls.

 

How We Can Help

If your organization is ready to improve cybersecurity practices and prevent cyber risks, we have the resources to meet your management sytem needs. Our management systems experts provide ISO 27001 and CMMC consulting and auditing services. For DoD contractors or other organizations looking for CMMC certification will need to schedule a CMMC-AB assessment with an authorized C3PAO, such as the CMMC Certification Group. These are CMMC-AB certified third-party assessors who are issue the CMMC Maturity Level Certificate. Contact us to learn more about how we can help your organization with its ISO 27001 or CMMC needs

 

Author

Victoria Ontiveros | Marketing Supervisor

Victoria focuses on creating quality educational content that provides value to current and potential clients. By collaborating with members of leadership and sales, she is able to develop informative articles that answer common questions and connect with current trends.

Victoria earned her Bachelor of Science in Sociology with an emphasis in communications from Texas A&M University.