“Every business segment, regardless of size or industry, is under attack. But the Telco/Service Provider segment is the most attacked segment in the first half of 2021.”
That’s Christopher Cook, CEO of Lokx. He joined the Fiber Broadband Association’s Fiber for Breakfast with Chris Silvers, CEO of GC Silvers Consulting, to share the five most common causes of cyber breaches and 10 practical steps to protect yourself and your business.
The 1H 2021 Global Threat Landscape Report states that the Telco/Carrier sector experienced 160 cyber-attacks in the first half of 2021, topping government, MSSP, automotive and more.
The attacks on T-Mobile and AT&T are the two most recent, Cook noted, each with 50 million records breached.
“For all of the headlines, there are thousands more breaches that you never hear about,” Cook added. “The bad guys go to work every day, dreaming up the next attack. They are wealth enhanced, and they operate like the mafia.”
Ransomware is the most common form of cybercrime. Cook equates it to robbery: kidnapping your data and holding it for ransom until you pay up, and some attackers still don’t release it after payment.
“It’s the gift that keeps on giving,” Silvers said, adding that cyber criminals can recycle their ransomware victims.
“If you think that the attacker just got on your network and just sent you a ransom note, you’re fooling yourself,” he said. “The average time the criminal is on your network before contact is six months.”
Other common causes of a cyber breach include business email compromise (most commonly a fraudulent wire transfer), vulnerability management failures (not just patch management), social engineering or phishing attacks, and wireless access breaches.
“Wireless clients are vulnerable,” Silvers said, adding that a common breach is client-side laptop login theft using WPA-Enterprise.
The insurance industry used to be cavalier in offering cyber insurance to best protect your business, but Silvers and Cook said those offerings will soon be few and far between as claims are approaching $2 million.
“As 2022 rolls around, it’ll be largely up to you and the defenses that you have in place to protect your business,” Cook said. “You won’t be able to fall back on cyber insurance like some businesses were able to do.”
Cook and Silvers offer the following 10 recommendations:
- Have an up-to-date asset and network inventory
- Establish network segmentation
- Implement Two-Factor Authentication (2FA) and architect for Zero-Trust
- Implement endpoint protection (EPP/XDR) and a secure configuration process
- Formal software patching process, kept up to date
- Collect logs and implement real-time detection
- Backup, restore and disaster recovery, preferably offsite and air gapped
- Implement an actively practiced written incident response plan
- Ensure appropriate training and awareness at least quarterly
- Define roles and responsibilities
Listen to Silvers and Cook’s full presentation on the Fiber for Breakfast podcast: https://soundcloud.com/user-491717682/ffb-episode-38-ten-steps-to-avoid-a-cyber-breach