September 14th, 2020
Ujwal Ratra handles Operations & Partnerships at Astra Security, which completed the Techstars Berlin Accelerator in 2018. Astra secures businesses across the globe. Here, Ujwal shares some essential tips that founders should take to ensure rock-solid security for their business, especially during the COVID-19 pandemic.
As the world has worked to contain the COVID-19 pandemic with little to no preparation, cyber security is becoming even more important. Hacks have been rampant as businesses are spread too thin, with employees working from everywhere. Hackers have been taking advantage of this, targeting employees and leaking sensitive information.
In this article, I talk about our findings about cybercrime in recent times and how you need personal protective equipment (PPE) — ‘mask and sanitizer’ for your business — in the same way you need them for yourself. Read on to find out about the two most important things your business should be doing to keep safe from getting hacked.
We’re all online all the time these days, and the frequent hacks and cyber attacks remind us why security is such a necessary investment. Here are a few of the recent attacks in the news, and some we’ve seen and helped businesses with over the last few months:
State-sponsored attacks are becoming more and more frequent, especially now, in a pandemic-hit economy. A single attack can cost millions. It is speculated that the recent cyber attack targeting various components of government infrastructure in Australia was a state-sponsored attack.
Small and medium businesses have always been on the radar for hackers and vulnerable to cyber attacks. However, in the last few months, we’ve noticed a ~10% increase in attacks on the set of such businesses we secure. Most of these attacks are malware attacks, ranging from SEO spam to credit-card stealing malware.
As the world turns to e-commerce for a safer shopping experience during the pandemic, platforms like Magento, OpenCart, etc. which are e-commerce favourites, have seen an unfortunate increase in attacks. Hackers like Magecart have been stealing credit card information. Tupperware and Claire’s are two of the more popular victims of such hacks.
Websites are getting more traffic as online platforms are physically safer and more convenient in these times, and so SEO spam campaigns are becoming more common with hackers. We’ve seen a lot of Japanese Keyword, Pharma, and Gibberish hacks of late.
Ransomware attacks have also been growing more common as people share sensitive data is online due to work-from-home protocols. The attack on Garmin and the Maze ransomware in recent news have a lot of people concerned about cybersecurity.
All these attacks are proof enough that cyber attacks aren’t to be taken lightly, now more than ever. And while cyber attacks are horrible, we’ve seen that their after effects can be even worse.
We conducted a study on one of our customers’ websites to see the effect a fairly common attack, the Japanese keyword hack, had on their website. When the customer came on board, they were already infected. We cleaned the hack and secured their website.
We monitored the website for days to analyze the effects of the hack on their traffic, and this is what we saw:
The website traffic shows a steep drop towards the end when it was hacked last November. The data in the above picture spans a year and traffic never saw a dip like it did then.
Every hack has a lasting effect on websites. Even if you’re prompt in removing the hack, your website takes a hit. And everyone knows the amount of effort that goes into rebuilding a website’s SEO and reputation!
A strong foundation is essential in the world of security — well begun is half done. If good security practices are at the very core of your business practices, then you’re already halfway through to a more secure business. Here are a few basic things you can do which make a world of difference.
Developers release patches and updates as soon as they can after they’re alerted to a vulnerability. Installing the patch or update would ensure that you’re safe from those vulnerabilities being exploited.
A great way to ensure that your information remains secure is to follow the principle of least privilege. It is the idea that any user, program, or process should have only the minimum privileges necessary to perform their function. This way, undue access is prevented. Make sure to also keep an eye on admin accounts (hackers often create fake admin accounts to take control of your site).
In addition to following the principle of least privilege, file permissions are very important. They specify who can read, write, and execute a particular file. Make sure to regularly check these and only set the permissions as per software guidelines.
In most cases, hacks can easily be removed and data can be recovered to a great extent. However, it is always a good idea to have a backup to be on the safer side. A backup can help you rebuild quickly. Make sure to take the backup in a compressed file format and store it securely!
In addition to regular malware scans and a firewall, getting regular security audits for your business can help you see where you stand in terms of security. This is especially important now, as more and more businesses are getting hacked everyday.
Bonus: We have put together a secure coding checklist for your developers to pin up to their desk and refer to.
Much akin to how you need a mask and sanitizer to protect yourself during the pandemic, your business also needs these two things to be secure right now:
A mask is one of the simplest, yet most effective solutions against COVID-19. It prevents you from contracting any airborne infectious germs and thus you’re better off wearing a mask than going without one. They do say prevention is better than cure!
A firewall, much like a mask, protects you from threats you might not see coming. A good firewall will fend off most common cyber attacks. Getting a firewall is also one of the simplest security measures you can put in place, and it does go a long way in ensuring that you don’t get hacked!
You’ve probably used sanitizer so many times since the pandemic began, it’s become second nature to use it often. Security Audits and Bug Bounties, similarly, are best conducted frequently and regularly.
Security audits are a proactive way of finding out about vulnerabilities in your applications and infrastructure. As part of an audit, security professionals perform Vulnerability Assessment and Penetration Tests on your applications. This helps uncover all the things a hacker can exploit.
Now more than ever, continuous security audits will be important. Since developers are working remotely and code is still being churned out from all over the world, it is important to ensure that security scans performed by professionals are frequent and regular to ensure that the entire infrastructure is unhackable. Any vulnerabilities found in a security scan can be fixed before hackers can exploit it. This ensures that you stay on top of the security game and don’t need to worry about getting hacked!
Bug Bounty Programs, for the uninitiated, are deals offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
As a business, a hacker reward program is a great way to find out about any vulnerabilities that hackers might want to exploit, so you can quickly fix them. This can also be a way to provide hackers an initiative to get a reward by disclosing a vulnerability rather than exploiting it.
While COVID-19 has changed a lot in the way we operate, we’re a lot more aware now about how diseases like this are spread, and more importantly, how we can slow them down or even stop them. Similarly, we can also prevent and fight cybercrime by being aware of what’s been happening in the world, following preventive measures, and routinely remembering to use our ‘masks and sanitizers.’
Bonus: We have created a small WFH readiness quiz that you and your team can take to access a basic level of safety of your Work From Home setup.
Ujwal Ratra is the Chief Operating Officer at Astra Security. He takes care of strategic partnerships, creating streamlined business processes and ensures that cross-functional teams are aligned and moving towards Astra's vision of making cybersecurity super simple for businesses. When not working, Ujwal can be found on the saddle of his motorbike (pre-COVID) or reading books (post-COVID)