US cyber attack: Should I be worried about my network security?

Tim Jarrett

Posted by: Tim Jarrett

Dec 21, 2020

US cyber attack: Should I be worried about my network security?

The United States is no stranger to the threat of cybercrime. Hacking was the source of a $13.7 billion headache for the US government in 2018, and the frequency and complexity of attacks in the region has continued to escalate in recent years.

As such, the official response to the most recent serious cyber attack to hit the US came as some surprise, inspiring headlines across the globe and raising eyebrows far beyond the five walls of The Pentagon.

According to the US Cybersecurity and Infrastructure Security Agency (CISA), the attack was not only targeted at government departments and critical infrastructure, but also the private sector. It was described as posing a "grave risk" and that tackling it would be "highly complex and challenging", with the “advanced persistent threat actor” demonstrating “complex tradecraft in these intrusions".

The heightened nature of CISA’s language shows how this particular incident (or series of incidents) presented a serious danger to US security. At a more personal level, it has also served to amplify the anxieties of anyone responsible for maintaining their organisation’s network security – after all, if the US government can be compromised by a new type of threat, then it’s understandable for IT managers to consider how well their own businesses are protected.

And with good reason. The threat of cybercrime is no less real for “normal” businesses. All day, every day, SMEs have to defend themselves against all manner of risks, ranging from external attacks by malicious actors to security protocol failures among those within the organisation. True, these events are not at the same scale, and they are unlikely to result in national security being compromised, but for the organisations involved the damage has the potential to be catastrophic.

The UK National Cyber Security Centre (NCSC) provides a useful structure to help organisations defend themselves against hacking, highlighting the risks at each of the four core stages of an attack: Survey, Delivery, Breach and Affect.

Survey

At this stage, the often-overlooked area of user education is paramount, underlining the importance of training all members of the network on the types of cyber risks they can expect to be presented with on a day-to-day basis.

Delivery

Protecting the organisation at this stage includes the implementation of operational security measures, from password policies and control of user rights to malware protection and network perimeter defences.

Breach

Further to the measures implemented under Delivery, this stage can be defended against through monitoring for suspicious activity, by applying patches in response to known vulnerabilities, and by restricting access for certain users and devices.

Affect

At this stage, with security breached, organisations face the difficult task of extracting malicious elements from the network and repairing the damage. The NCSC says it is only by adopting a complete cyber risk management regime that organisations can fully optimise their IT defences.

So, while the dramatic headlines in the US may be cause for concern, they describe a sophisticated and targeted attack aimed at specific seats of power and influence; a concentrated effort to infiltrate critical systems holding highly valuable data.

For small and medium-sized companies, it is unlikely to present a direct risk, but it serves as a valuable reminder that no-one is immune to the wide-ranging cyber threats that exist outside of your network, and the importance of maintaining continued vigilance as risks evolve.

If you would like more information on how to keep your network secure and how to defend your organisation against the four stages of a cyberattack, contact us today.


Tim Jarrett

About: Tim Jarrett

Founder and Director Tim is a highly-experienced IT and technology professional. He is focused on understanding clients’ business challenges and resolving them through best-fit IT services and solutions.


Related posts

Writing Website Content
Website design / Nov 09, 2012
Content is a vital part of any website and is often the area that can be improved the most. Here are our top tips for creating or improving your website content.Be Concise...
Read more about this story >
Our Client, The Talbot Owners’ Club, wins prestigious award
Website design / Nov 09, 2018
We were delighted to receive the news that The Talbot Owners' Club have won the ultimate club accolade – The Historic Motoring Award's Club of the Year 2018. The award, ...
Read more about this story >
Guide to DNS
Website design / Oct 31, 2011
Anyone who owns a domain name will have heard of the terms DNS. It may not come up very often but when it does having an understanding of what DNS is and how it works can be a...
Read more about this story >
Jarrett & Lam
+44 (0) 1293 127 128