Last year companies in the United States saw a 105% surge in cyber attacks designed to hold platforms and data ransom. What was once viewed as a government focused issue has now become something for every organization to be aware of and consider. Do you have an approach and counter strategy in place?
Get ready because cyber attacks are growing in every sector.
For non-profits, natural disasters and humanitarian relief are moments that crystallize public support of organizations — leading to rapid increases in website traffic and online donations. Armed conflict can generate similar humanitarian needs as a natural disaster, especially with other complications such as cyber attacks, which have become an increasingly common tool during geopolitical conflict. For organizations serving the world at these critical moments, your rapid response should include an increased focus on cyber security alongside fundraising and communication plans.
For corporate organizations, with targeting restrictions growing and third party cookie removals coming on the 2023 horizon, there is a re-emphasis on first party data both in terms of acquisition and journey development. Being cyber secure is a crucial part of generation and keeping trust with consumers. You don’t want to be the organization letting users know they have to change their password quickly for security reasons.
And of course for government and advocacy organizations, the sophistication and volume of such attacks continues to scale with organizations needing not just a containment approach but a prevention one for cyber security and of course for misinformation at an issue and subject matter level.
So where do you start?
Our Chief Technology Strategist, Jack Steadman, has pulled together some quick wins and hardening measures that can better equip your organization for the future.
1. Make sure that the versions of the CMS platform and all plugins are up to date, and that security patches have been applied. Confirm with the hosting provider that the same is true of their server software. All major hosting providers do this as part of their routine maintenance procedures, but it’s worth double-checking.
2. Look at the security features offered by the CMS platform (or available via reputable plugins) and take measures to harden the platform against attack. Some examples of this include:
- Enabling and requiring multi-factor authentication for administrator accounts
- Requiring strong passwords, and setting limits on failed login attempts to guard against brute-force attacks
- Check passwords against lists of “pwned” passwords. There may be plugins which can run this check for you automatically when someone changes their password
- Tracking “trusted devices” for each admin account to guard against session hijacking attacks
3. Make sure the site takes advantage of all CDN (Content Delivery Network) and WAF (Web Application Firewall) products available to it from the hosting provider, and that they are all configured properly. CDNs provide a globally-distributed layer of protection for the core web infrastructure and have sophisticated systems for identifying and blocking DDoS (distributed denial-of-service, a common attack in which a site is flooded with traffic until its web server crashes) and other network-level attacks before they can affect a site. WAFs are often attached to CDNs and are designed to identify and block a wider range of attacks, including those which target specific vulnerabilities in CMS and web server software.
4. If a hosting provider doesn’t bundle a CDN, it can be purchased and configured separately. Fastly and Cloudflare are two modern CDNs which have robust networks and attack-prevention features built in.
5. If the situation warrants it, see if the hosting provider can block all traffic from a specific country location at the WAF/CDN. This is a brute-force measure that isn’t foolproof, but it may make it a little harder for hackers to break through or buy some time if an attack is in progress.
6. If an organization has reason to suspect an attack may be imminent, they might consider reaching out to the hosting provider and warning them of possible attacks. If all of these other measures have been taken, there may be nothing more for them to do, but it’s always good to have a heads up that something might be coming that could trip some alarms.
Any insights to add or looking for a partner to support your efforts? We’d love to hear from you over at [email protected]