Recent ransomware attacks necessitate focus on continuous patching and cyber hygiene
The number of ransomware attacks are at an all-time high. Ransomware victims paid more than USD $300 million in 2020. Moreover, many malicious attacks are being perpetrated by cyber criminals who are supported directly or indirectly by Nation State actors. Ransomware is an urgent problem that affects everyone.
New York Times reporter and author of the new book, This Is How They Tell Me the World Ends, Nicole Perlroth details the history of the cyberweapons market, revealing the most secretive, invisible, government-backed market on earth. Perlroth brings the urgent threat of the global cyber arms race and zero-day exploits to light. In May, US President Joe Biden issued an Executive Order on Improving the Nation’s Cybersecurity. The Executive Order was issued after one of the nation’s largest pipelines, which carries refined gasoline and jet fuel from Texas up the East Coast to New York, was forced to shut down. The order states, “The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” President Biden makes the prevention, detection, assessment, and remediation of cyber incidents a top national priority and makes it clear that the Federal Government must lead by example. (BigFix is used by many Federal agencies and departments to patch systems and triage security threats.)
Recently, Brit McCandless Farmer, digital producer for the US news show 60 Minutes, wrote the article, Ransomware: Prevent your computer from being infected. In the article, Farmer highlights three key actions to prevent a ransomware attack:
- PRACTICE “CYBER HYGIENE” – Among the five actions Farmer listed, regularly updating your password continues to be one of the most important things any computer user can and should do. Fortunately, BigFix can enforce password policies across an organization’s fleet of endpoints. In fact, BigFix can manage password change frequency on any endpoint running Windows, UNIX, Linux, macOS. Mobile devices such as phones and tablets running iOS, iPadOS, and Android may also have restriction policies that control password change frequency and complexity.
- BEWARE THE PHISHING EMAIL – The most common way to get infected with ransomware is by clicking on a link within a phishing email. A phishing email tries to get the user to open an attachment or click on a link which then installs ransomware or other type of malware. Once installed, malware can work quietly, often exploiting known vulnerabilities in application software or operating systems which have not been patched.
- ALWAYS UPDATE YOUR COMPUTER’S SOFTWARE. IT and Security operations teams work tirelessly keeping servers and workstations patched. Unfortunately, given the number of vulnerabilities found in operating systems and third-party applications, the sheer volume of such vulnerabilities is overwhelming. As a result, Operations teams are often only able to focus on critical or high severity vulnerabilities. To make the situation more challenging, many endpoint patching software programs require the workstation to be powered on, and to either be in the office or signed into a corporate virtual private network (VPN) when a patch is deployed. With employees working from home or in cafes, IT organizations may fail to reach all endpoints, resulting in a significant number of unpatched and vulnerable workstations. BigFix solves these types of typical problems. BigFix can power-on workstations in the office and can deploy to employees’ workstations at home or in cafes without a connection to a VPN. As a result, BigFix often delivers a 98% first-pass patch success rate! Because of the BigFix intelligent agent, continuous compliance can be maintained in this same manner. This means that if a user changes a configuration setting or uninstalls a patch, BigFix will automatically return the configuration setting to the desired value or reinstall the patch.
Farmer also notes that COVID-19 has made the problem of ransomware and malware more challenging because protecting employee’s computers at home is more difficult than protecting them inside the corporate firewall. To help solve those challenges, BigFix released a cost-effective Work From Home solution in March 2020 as shutdowns began occurring across the globe forcing employees to work from home. Because of this solution, IT and Security teams were able to keep employees’ workstations patched and in compliance without a VPN connection. More recently, HCL released BigFix Insights for Vulnerability Remediation, speeding vulnerability remediation by automating the research effort required to correlate vulnerabilities discovered by Tenable and Qualys with available patches in BigFix.
BigFix is a core element of many public and private organizations’ cyber defense and security compliance strategy. BigFix is the best tool for automating patching and ensuring compliance of all endpoints in the enterprise – whether they are in the cloud, in the office, or at home. Patching is the most important line of defense against cyber-attacks, both for zero-day exploits as well as older vulnerabilities that have not yet been remediated.
Find more. Fix more. Do more.
To learn more about BigFix, visit www.bigfix.com or request a free BigFix trial today.
