Protect Your Network Even when Attackers Trick Your Users
A business contacted our office last week because a bad actor tricked an employee to give them full access to their computer.
The bad actor immediately took over the network and started performing highly illegal activities that appeared to come from the victim’s systems. User training is not enough. It is essential to take additional steps to help protect your network when an attacker is crafty enough to trick a user.
Firewalls, almost universally, have a feature called web content filtering. There is a possibility that your IT professional configured the firewall to block known gambling, gaming, and sites with people with no clothes.
Unless you do business with every country in the world, tell your IT team to block the firewall from permitting traffic from all countries except those where you do business.
It is possible that some of your third parties use sites in other countries to handle your sensitive data, and this is a great time to find out by blocking other countries to see what happens. Your security is only as good as the security of your third party providers, and they need to disclose to you any risks they take with you, and your customers’ confidential data.
If you want to be super cautious, rather than block everything at once, you can ask your IT professional to dump the contents of your web filter’s log into a spreadsheet, or some other database, that will identify traffic trends, sources, and destinations.
Now is an excellent time to ask your IT professionals, even if you outsource IT, to devote time to tuning your web content filtering to be restrictive.
You can even update your routers at home if they support web content filtering, and they might. An excellent place to start is at the device manufacturer’s website. There will be instructions to download and install the most recent firmware. Look at the support site about ways you can enable supported security features in your home devices, including web content filtering.
Please forward this to everyone you know so they can ask their IT professionals to turn up your web content filtering to help protect against social engineering attacks.