Better safe than sorry: Why organisations shouldn’t neglect cyber hygiene
With cyber-attacks becoming more frequent, complex and damaging, cyber hygiene plays a vital role in helping government entities and businesses keep sensitive data secure. Cyber-attacks not only interrupt normal operations, but may also result in data theft or damage to important IT assets and infrastructure, undermining public trust and confidence. The potential economic costs of such incidents can be immense, and may include substantial government penalties for failure to prevent a data breach.
In February 2022, the UK Information Commissioner’s Office (ICO) fined British criminal law firm Tuckers Solicitors over a 2020 ransomware attack that led to the encryption of over 972,000 files, including nearly 25,000 files relating to court proceedings. Of the encrypted court bundles, 60 were exfiltrated by the threat actor and leaked on the Dark Web. The compromised files contained “a comprehensive set of personal data,” including medical information, witness statements, names and addresses of victims and witnesses, and the alleged crimes of the individuals.
The watchdog imposed the fine after determining that Tuckers had not implemented the relevant security measures and had therefore created a substantial risk that allowed the attacker to exploit the weakness. The penalty was initially set at 3.25% of Tuckers’ annual turnover, but was later reduced to £98,000 (around $127,000).
Regrettably, a growing number of state and federal agencies can be compromised easily, without much technical skill or hacking. They have a myriad of unprotected IT and cloud systems exposed to the Internet, with default or weak credentials, or even without passwords. Furthermore, a great wealth of stolen credentials belonging to government employees can easily be found on the dark web and, given the widespread and persistent habit of password reuse, can be used to silently log in to state systems that process or store critical national data.
According to forecasts, over the next few years, global cybercrime costs will grow by 15% per year reaching $10.5 trillion annually by 2025. As for data breaches, the average cost of a data breach in 2021 was $4.24 million and this number is expected to rise in 2022. This is why it is so important that organizations and businesses maintain a cyber hygiene routine that can prevent malicious actors from causing security breaches, infecting computer networks with malware, and stealing valuable data.
Cyber hygiene is a set of practices aimed at ensuring the safety of an organization’s network, devices, and data. Good cyber hygiene helps protect against all sorts of threats, such as malware, ransomware and data breaches, and improves an organization’s overall cybersecurity posture.
Poor cyber hygiene opens the door to a multitude of security risks related to hardware, software, processes or people, such as misconfigured websites or outdated software with known vulnerabilities. An organization that neglects cyber hygiene may also face a variety of problems stemming from the lack of proper maintenance of computers and software, such as information loss due to corruption or hacking, misplaced data, or security issues in outdated software.
Publicly exposed hacking campaigns bring compelling evidence that overall cybersecurity hygiene is largely deficient. For instance, password spraying and credential stuffing attacks are preventable by enabling MFA and restricting access to accounts from specific networks, or at least countries, and they can be easily spotted by anomaly detection systems. Moreover, a properly implemented Dark Web monitoring process should alert organizations in a timely manner about stolen credentials so that they can be urgently revoked. These are the very basics of information security.
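The paragraph above names three controls against password spraying and credential stuffing: anomaly detection, network restriction of access, and revocation of exposed credentials. The following script, added here as an illustration and not part of the original article or of any ImmuniWeb product, shows what the first two look like as detection logic over authentication logs. The log format, the source addresses, the account names and the allowed network range are all constructed for the example; the thresholds (five accounts or three sources within ten minutes) are assumed starting points that a real deployment would tune.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log (hypothetical format, not from any real product).
# Lines 1-6: one source fails against five accounts, then succeeds on a sixth (spraying).
# Lines 7-10: one account is tried from several sources, then a login succeeds (stuffing).
# Lines 11-12: a normal user mistypes once and then logs in from the corporate range.
SAMPLE_LOG = """\
2022-03-01T10:00:01Z src=203.0.113.5 user=alice result=FAIL
2022-03-01T10:00:03Z src=203.0.113.5 user=bob result=FAIL
2022-03-01T10:00:05Z src=203.0.113.5 user=carol result=FAIL
2022-03-01T10:00:07Z src=203.0.113.5 user=dave result=FAIL
2022-03-01T10:00:09Z src=203.0.113.5 user=erin result=FAIL
2022-03-01T10:00:11Z src=203.0.113.5 user=frank result=SUCCESS
2022-03-01T10:05:00Z src=198.51.100.7 user=alice result=FAIL
2022-03-01T10:05:02Z src=198.51.100.8 user=alice result=FAIL
2022-03-01T10:05:04Z src=198.51.100.9 user=alice result=FAIL
2022-03-01T10:05:06Z src=198.51.100.10 user=alice result=SUCCESS
2022-03-01T11:00:00Z src=192.0.2.20 user=grace result=FAIL
2022-03-01T11:00:30Z src=192.0.2.20 user=grace result=SUCCESS
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>SUCCESS|FAIL)$"
)

# Assumed access policy: only this (placeholder) corporate range may reach the service.
ALLOWED_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]


def parse_log(text):
    """Parse lines into (timestamp, src, user, result) tuples, skipping malformed ones."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # a malformed line must not crash the detector
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["src"], m["user"], m["result"]))
    return sorted(events)  # chronological order


def _success_after(events, start, field, value):
    """True if a SUCCESS with events[field] == value occurs at or after `start`."""
    idx = {"src": 1, "user": 2}[field]
    return any(e[3] == "SUCCESS" and e[idx] == value and e[0] >= start for e in events)


def _window_groups(fails, window, threshold):
    """Yield the first set of >= threshold distinct values seen within `window` of a failure."""
    for i, (start, _) in enumerate(fails):
        values = {v for t, v in fails[i:] if t - start <= window}
        if len(values) >= threshold:
            return start, sorted(values)
    return None


def detect_spraying(events, window=timedelta(minutes=10), min_accounts=5):
    """Password spraying: one source fails against many distinct accounts inside `window`."""
    fails_by_src = defaultdict(list)
    for ts, src, user, result in events:
        if result == "FAIL":
            fails_by_src[src].append((ts, user))
    findings = []
    for src, fails in fails_by_src.items():
        hit = _window_groups(fails, window, min_accounts)
        if hit:
            start, accounts = hit
            findings.append({"type": "password_spraying", "src": src, "accounts": accounts,
                             "success_after": _success_after(events, start, "src", src)})
    return findings


def detect_stuffing(events, window=timedelta(minutes=10), min_sources=3):
    """Credential stuffing: one account fails from many distinct sources inside `window`."""
    fails_by_user = defaultdict(list)
    for ts, src, user, result in events:
        if result == "FAIL":
            fails_by_user[user].append((ts, src))
    findings = []
    for user, fails in fails_by_user.items():
        hit = _window_groups(fails, window, min_sources)
        if hit:
            start, sources = hit
            findings.append({"type": "credential_stuffing", "user": user, "sources": sources,
                             "success_after": _success_after(events, start, "user", user)})
    return findings


def detect_out_of_policy_logins(events, allowed=ALLOWED_NETWORKS):
    """Successful logins from outside the allowed networks (the access-restriction control)."""
    return [{"type": "out_of_policy_login", "src": src, "user": user}
            for ts, src, user, result in events
            if result == "SUCCESS"
            and not any(ipaddress.ip_address(src) in net for net in allowed)]


def analyze(text):
    events = parse_log(text)
    return {"spraying": detect_spraying(events),
            "stuffing": detect_stuffing(events),
            "out_of_policy": detect_out_of_policy_logins(events)}


if __name__ == "__main__":
    for category, items in analyze(SAMPLE_LOG).items():
        for item in items:
            print(category, item)
```

The `success_after` flag is what turns a noisy alert into an incident: a spray or stuffing burst that ends in a successful login means a credential has already been guessed or reused and must be revoked, which is the third control the paragraph describes. Note that the spraying source also appears among the sources attacking `alice`, so the two detectors overlap on purpose; an analyst wants both views.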
Cyber security hygiene is essential in protecting a company’s business and networks. A set of key practices implemented together can help businesses and organizations maintain comprehensive protection and counter ever-evolving cyber threats.
Best practices for cyber hygiene include:
- Implementing a cyber hygiene program that ensures regular maintenance, safety checks, data backups, and updates of apps, web browsers and operating systems on all devices.
- Using efficient security tools and endpoint protection (antivirus solutions, a network firewall, a password protection mechanism).
- Establishing secure authentication and access policies (strong passwords, multifactor authentication for all users).
- Employing a cybersecurity framework that provides guidelines on how to minimize security risks.
It may sound banal, but an adequate budget increase and a well-thought-out cybersecurity strategy are the key priorities to start with. Holistic visibility of a company’s digital assets and data, including IoT and ICS, is absolutely vital and indispensable, and shall be properly addressed within the cybersecurity strategy.
As expected, cybercriminals (state and non-state alike) will continue to evolve their tactics, expand their attack arsenal, and exploit unpatched vulnerabilities across enterprise attack surfaces. However, organizations should remember that in many cases cyber-attacks are the result of poor cyber hygiene. Even the most advanced cyber-attacks often involve phishing or social engineering tactics that malicious actors use to gain a foothold in the network. These attack vectors could be easily countered by establishing solid cyber hygiene practices.
Ekaterina Khrustaleva is COO of ImmuniWeb