It seems like not a day goes by without another ransomware attack making headlines. And where do many of these attacks start? In your users’ email inboxes.
By now you know that your users are both your first line of defense and your weakest link and you need to not only add additional spam filtering to all emails coming into your office, but also train to your users to identify when they’re being phished. Additionally you may want to harden the operating system to be more resilient to attacks. Recently some of these recommendations were suggested by Microsoft.
Here are some key ways to protect your users from recent spear phishing campaigns:
Ensure that all email goes through a filtering system of some kind. Whether it’s an on-premises mail server or a cloud-based email service, you have to have a filtering system that looks for attack patterns. Even if you still have on-premises mail servers, having a service that shares information with other servers means that you can see patterns emerge. Often these mail hygiene platforms also provide mail storing and forwarding should anything happen to your on-premises mail server. Having this sort of solution installed is a necessity for anyone using email servers.
If budget is an issue, you should investigate open source, community, or free solutions to better protect your firm. Solutions such as Security Onion can be added to your network as a Linux distribution for threat hunting, enterprise security monitoring, and log management. Recently 2.3.50 version was released for the Security Onion platform along with training videos. Snort is another open source platform that can be added to your network to add additional protection and monitoring capabilities.
