Readiness and Response for External Attack

Any threat that originates outside your company’s network is considered an external threat. The types of cyber-attacks that fall under this category include phishing, malicious domains and impersonation (taking place outside the walled network). Any of these attacks can result in damage to your company’s data, people, domains, apps or even your brand at large. And that damage can come with an enormous price tag. Statista shared that the average data breach in the U.S. cost $9.48 million in 2023.

Twitter has now been the victim of not one, but two, external cyber-attacks. The first occurred in July 2022. The Washington Post reported that hackers “were found selling 5.4 million Twitter account handles as well as their associated email addresses and phone numbers.” Since then, another hacker advertised a Twitter data set for sale that contained 400 million records

Don’t fall into the trap of thinking cyber-attacks only happen to big, well-known entities. They can happen to anyone, at any level, at any time. Preparing for them can go a long way towards warding off any damage. Here are some preventative measures to take:

• Keep software up to date
• Limit account access
• Managed systems and configurations
• Look for network intrusions
• Utilize hardware security features
• Segregate critical networks
• Consider threat reputation services
• Use multi-factor authentication
• Assume insider threats exist
• Create a disaster recovery plan

And what do you do if an external attack happens? Start by gaining an understanding of the extent of the damage. What information or data was affected? Can you identify who the hacker was and what vulnerabilities they exploited? 

Next you need to take any steps possible to limit more damage. This could mean rerouting your network traffic, filtering or blocking traffic or isolating all or part of the network that has been compromised. Now you can begin to create a record of the details of the breach, such as:

• Affected systems, data and networks
• Compromised accounts
• Disrupted services
• The type of damage and the amount

If the breach was significant enough, you may need to engage law enforcement before notifying the organizations or individuals affected. Finally, take this opportunity to learn from the breach to improve your incident handling in the future.

Level Solutions Group (LSG) is a full-service technology company, including network and security assistance. Today we have more robust architecture options and risk mitigation tools than ever before, meaning your company doesn’t have to be vulnerable to hackers. Aligning with LSG ensures you have the right partner to help you keep your data secure. We can create a solution that is customized to your business’s needs.