The ‘Five Eyes’ intelligence agencies from the US, UK, Canada, Australia and New Zealand recently updated their mitigation advice in response to Russian state-sponsored and criminal cyber threats.
Focusing on the risks faced by critical infrastructure providers, the advisory underlines the current heightened level of risk and aims to improve the resilience of organizations that could be targeted.
As Lindy Cameron, NCSC CEO, explained: “In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures. It is vital that all organizations accelerate plans to raise their overall cyber resilience, particularly those defending our most critical assets.”
The agencies advise that organizations of all sizes should focus on a range of mitigations against attacks that could be instigated by Russian state-sponsored operations and aligned cybercrime groups.
These include immediate actions such as:
- prioritizing the patching of known exploited vulnerabilities
- enforcing multi-factor authentication (MFA)
- monitoring remote desktop protocol (RDP)
- providing end-user awareness and training
The Glasswall View
Cybersecurity alerts from the ‘Five Eyes’ intelligence agencies focus on the need to take proactive steps to prevent and mitigate the risks across organizations everywhere.
While most organizations understand the need to fend off malware and ransomware, the vast majority rely on a reactive response based on antivirus and sandboxing technologies to protect their valuable files and everything they contain.
This is effective, but only up to a point. It is this emphasis on reactive technologies that leaves conventional anti-malware and file protection strategies with cybersecurity blind spots.
For instance, nearly 70% of malware found embedded within files is of an unknown variant when it is received, effectively making it invisible to reactive cybersecurity technologies. The problem is that it can take days or even weeks for antivirus and sandboxing solutions to be updated so they can protect files and documents. Glasswall’s own Threat Intelligence research has uncovered numerous examples of malware and ransomware sitting undetected on network infrastructure for anything up to 18 days before reactive solutions are able to respond.
Glasswall takes a proactive approach to file-based threats. Our Content Disarm and Reconstruction (CDR) technology offers a proven approach to defeating ransomware and malware by identifying and removing risky, zero-day file-based threats from all files in moments. This also minimizes the downtime and disruption often caused by traditional antivirus or sandboxing solutions.
We intercept, scan and regenerate every file and document that comes in and out of your organization to a safe standard of “known good”. Organizations that are ‘Glasswalled’ are always ahead of bad actors, whereas antivirus solutions are always, at best, one step behind.
The process requires no blocking and no patching, and produces no false positives to hold back important business documents, meaning it delivers only safe, secure and trusted files. The result? Every file sent or received, via email or the cloud, can be treated with confidence by organizations fully protected from zero-day malware threats.