Top 4 Learnings From CRA Cybersecurity Incident August 2020
August 17, 2020 | Idealogical News
During the week of August 10, 2020, Government of Canada announced encountering three different cyberattacks, which led to the shutdown of their online services for days.
The only reason the attackers were successful with three different cyberattacks on CRA is because Canadians reused their credentials for various portals and undisclosed holes in CRA’s security infrastructure (unpatched configuration).
For small businesses, stalling business operations for days is not an option.
Here are some of the precautions you can take top protect yourself from cyberattacks:
Have Mandatory Password Policy
Enforce a mandatory organization-wide password policy that includes guidelines for compulsory password resets, complex password rules and training on password hygiene.
Set-up Two-Factor Authentication
Two-factor authentication adds another layer of protection to your login systems, where you are required to add a secondary authentication on top of your username and password. Read more about 2FA here.
It is proven that multi-factor authentication and encryption are the biggest hacker obstacles against hacker attacks that happen every 39 seconds.
Initiate 24/7 Dark Web Monitoring
Illegal trade of stolen personally identifiable information (PII) is an explosive market. The truth of the hour is that the dark web has become the Walmart of cybercrime where credentials are sold for as low as $1.
One of the top defenses against credential theft or credential stuffing is to activate a 24/7 dark web monitoring for your organization. Where your IT security experts can proactively monitor, detect and investigate potential threats, and neutralize them as quickly as possible.
Prepare A Business Continuity Plan
At Idealogical, we do not consider cybersecurity an IT issue but consider it a business risk. That is why we have a written Business Continuity Plan for all our clients which prepares us for ‘when’ a client is attacked we have a well-written plan ready to be deployed.Back to all blogs