The campaign aims to inform businesses about cyberprotection

Jul 16, 2021 09:19 GMT  ·  By

In order to raise awareness of the risks of ransomware attacks, and offer people and companies advice on how to protect themselves, the National Cyber Directorate in Israel launched an intensive campaign on 14 July, according to Times of Israel

The campaign uses real-world examples of companies affected by cyberattacks and reports on the consequences. Details such as the loss of customer data, inability to debit payments, loss of business days, and the cost spent on recovery are made public. The goal is to help other businesses prevent and combat cyberattacks, according to the statement released by the directorate.

An example of the undesirable effects of cyberattacks is the case of the Israeli insurance company Shirbit, whose sensitive customer data was stolen and published by cybercriminals after the company refused to pay the $1 million ransom.

Head of the Center for Advanced Technologies of the directorate, Yuval Segev, believes that the very first stages of cyber-hygiene might have reduced the threat. The process of encryption now takes place in a matter of hours, increasing the difficulty of identifying an attack before it causes harm.

The directorate also recommends the following actions: 

  • Install antivirus or firewall software and be sure to update it regularly; if not, set up automatic software updates. 
  • Keep a backup of your data on hand. For firms and individuals in the direct aftermath of a ransomware attack, recovering information from a backup helps with getting back to normal much faster. 
  • Use only secure interfaces for remote access and close other processes that are not necessary for business.  
  • A VPN with strong identification protocols should be set up, and two-level or better multi-level identification paths, especially if the connection is used by an employee working remotely. 
  • Be vigilant about email in general and watch out for phishing attempts and email impersonators. Many malware types can be embedded in  SCR, VBS and EXE files, so downloading these files is very risky if received from an unknown source. 
  • Also, watch out for the double extension trick. Some examples would be: DOC.SCR or AVI.EXE, which may very well contain malicious code.