How to prepare for a hack: Tips from a cybersecurity expert
WASHINGTON (TND) — President Joe Biden warned Monday that there is an evolving threat of Russian cyberattacks on what he called critical U.S. infrastructure in response to harsh sanctions issued against the country as it continues its war in Ukraine.
When it comes to the infrastructure the president is referring to, cybersecurity expert Adam K. Levin says it’s wide-reaching.
“One is actual infrastructure, where you talking about public-facing services like our power grid or transportation services or operational systems. You could be talking about anything that impacts food — like if you remember JBS was attacked, or fuel — which is Colonial Pipeline, or our education systems, our healthcare systems, our communication systems, our financial systems,” Levin said.
Biden has adamantly said that the private sector should harden its online defenses to prepare for what could potentially happen. Levin suggests that companies should follow his "three Ms" and do it sooner rather than later.
“First, how do you minimize your risk of exposure? How do you monitor? And how do you manage the damage?” Levin said. “Minimizing risk is everything from training employees to better understand the threats, the red flags and the things they need to be looking out for because they are, oftentimes, the first point of attack and the last line of defense. You're talking about mapping data so companies know what data they haven't where they have it. You're also talking about restricting access to only need-to-know or need-to-use.”
He adds that with so many people working from home, companies should be issuing business-only devices to their employees that have all the necessary security protocols on them and that these devices should not be shared with anyone else in a household.
“It’s about creating zero-trust environments where you don't assume that you have a moat around your businesses wherever people are entering your network that you need to make sure that that is protected as possible,” he said.
As Americans are already dealing with heightened prices, experts warn that these kinds of attacks would likely lead to more price hikes as the country continues to battle problems left by the pandemic.
“The impact is, is supply chain if you put a chink in the supply chain on top of all of the supply chain issues we've had due to COVID what happens is there you don't have the supply to meet the demand and prices go up — whether it's gasoline or food or any of the things that we view as critical to our life,” he said.
Unfortunately, cyberattacks by Russian groups are nothing new for the world. Some claim to be apolitical but amidst the ongoing war, officials say these hackers are more likely to be politically tied.
“You could have groups that are operating in Russia — the government winks at what they're doing but they're really operating at the direction of the government. You could have groups that actually have military intelligence people that are part of it and then you have groups that do it for profit but also, sort of, the government looks the other way,” Levin said.
He also has some advice for everyday Americans to prepare for these kinds of attacks.
“Long and strong passwords, password protocol managers, enabling two-factor authentication — which makes it harder for anyone who got our credentials to get into our accounts, being careful with clicking on links, opening attachments, not downloading apps, checking your credit reports, monitoring your credit scores, making sure that you're notified when there's activity in your accounts and having a damage control program,” he said.
There are countless institutions that have programs available to monitor credit and help consumers through identity incidents. Levin suggests looking into ones offered by your insurance company, financial institutions or even programs through work.
“You just need to find out if you have any of those programs, if you're in it or what you need to do o get in it,” he said.
