An expert explains: this is how the various variants of the security breach endanger us

The corona plague has led to many changes around the world, including the transition (partial or total) of organizations to digital. Many times, they do so without an adequate protective shell, which leaves them vulnerable to attacks by terrorist and criminal organizations from around the world, regardless of the different geographical boundaries. As mentioned, working remotely, along with the loads on the internet, the use of public WIFI and conference calls on unsecured platforms – all of these have left us all completely exposed.

Earlier this week, National Cyber ​​issued a stern alert following a breach discovered in a software activity documentation service called Log4J. The hacked service is found in many familiar apps, including Minecraft, which was the first where the vulnerability was observed. The service is also found on sites such as Amazon, on the social network Twitter and on Apple devices. Since the discovery, it seems that even upgrading the version by the security update version 2.15.0 does not prevent the exposure, as there are very many variants of the vulnerability, and it will take a long time to understand the depth of the vulnerability.

The investigation into the incident raises concerns that state groups (terrorists) will continue to use it to carry out criminal attacks for infidelity, or that various hacker attacks will take place, for the purpose of exploiting the attack to mine bitcoin. From the last sequence of events, it can be understood that hackers can exploit various vulnerabilities and weaknesses, create additional weaknesses on them, and cause a situation where they are quickly exploited by many hacker groups around the world.

We emphasize that every organization, no matter the size, budget, target audience, or product or service it markets, must produce a business continuity and cyber disaster recovery plan. This can be done, among other things, by raising the awareness of management and employees about the various dangers. In fact, any organization whatsoever, should possess technologies for dealing with burglary attempts and various attacks, as well as a contingency plan in case the attackers succeed.

So how do you defend yourself? Although there are not many experts or companies that specialize in preparedness for this type of crisis, and its management after the event, companies still need contingency plans for such cases. These are written programs, which should always be backed by technology and digital tools.

Despite the level of awareness that has decreased in Israel, in light of the many cyber incidents in the past year, there is still a lack of proper preparation among companies in the economy. Without going into examples, you can often read reports of Israeli companies falling victim to various attacks.

Managers and managers of organizations and companies, various bodies and the truth is, that even private individuals, should look at these cases and learn from them – so as not to be part of the statistics of the many victims. Ultimately, it should be understood that whether it is a terrorist attack, or a ransom attack, they cause significant, and often irreversible, damage to an organization that has been harmed.

Today, at the end of 2021, there are many organizations in Israel that are not backed up and sufficiently prepared for the scenario in which they are hit by a cyber attack. These are necessary actions, an investment that will help in the future, and you may be able to prevent a complete collapse of the company.

The author is the director of cyber consulting in Cisco, in the southern European region, he specializes in building an information security strategy and risk management

By Editor

Leave a Reply