City held to ransom: how to safeguard your network from attack
Holistic solution suite and ongoing updates and maintenance required, says Networks Unlimited Africa
In the wake of last week’s City Power ransomware attack, ongoing vigilance, maintenance of systems and a holistic approach to security remain vital for critical infrastructure entities. This is according to Stefan van de Giessen, general manager: cybersecurity at value-added distributor Networks Unlimited Africa.
Van de Giessen says: “Security needs to have a layered approach, ensuring each level is protected with effective technology. A systematic, unified, layered posture ensures all attack vectors are covered. An effective IT security ecosystem involves the holistic consolidation of tools and intelligence, and analytics should feature strongly in the technology deployed to protect the network.
“Building a next-generation security solution should include various products that complement each other, starting with perimeter protection, endpoint and a secure e-mail solution. Having these three is a vital start to your security posture. Once your baseline is established, we need to look at how we protect against unknown threats, encryption of your data and ultimately deploy decoys in your network to lure hackers off your network. We advise adopting a phased approach to developing a layered posture due to cost and the complexity of management.”
Van de Giessen outlines this phased approach as follows:
- Investing in a next-gen firewall (NGFW), next-gen anti-virus (NGAV) with EDR capabilities and a secure e-mail solution is critical in securing against the most prevalent attacks. It is vital to make sure, when choosing your vendor of choice, that they have been tested by third parties such as Gartner and NSS Labs to ensure security effectiveness.
- Protecting your applications that are Internet-facing and transacting with customers online: a Web application firewall (WAF) and a secure payment gateway will ensure these applications and Web sites are protected, and comply with PCI, POPIA and GDPR, irrespective of whether these are on-premises or in the cloud. Onsite and offsite backups are best practice.
- User education and training is essential in making sure that employees are able to recognise and respond accordingly to suspicious and malicious activity. This also means any threats that bypass security measures are picked up at the last line of defence.
- Having an advanced threat protection (ATP) strategy has become necessary as malware and threats are evolving constantly, making it hard to rely on a known signature alone. The need to include an ATP product in your security structure is now more relevant than ever to ensure we can stop zero-day attacks.
“It is never easy for an organisation to admit to a cyber security breach and we applaud City Power for its honesty in owning up to the reason for its systems outages, as well as for not paying the ransom demanded by the threat actors. At the same time, it should be noted that in being transparent, the organisation also acted according to compliancy principles as outlined by the European Union’s General Data Protection Regulation (GDPR) and South Africa’s Protection of Personal Information Act (POPIA).
“The phased security posture advice outlined above applies to on-premises, cloud and hybrid environments. Additionally, device, operating system, software and policy updates should be carried out regularly and stringently to ensure no vulnerabilities can be exploited,” concludes Van de Giessen.
Networks Unlimited Africa
Networks Unlimited Africa is a value-added distributor, offering cutting-edge solutions from the network edge to the datacentre, and addresses key areas such as cybersecurity, hybrid cloud, datacentre and infrastructure, networking and integration, SD-WAN solutions, network performance management and application performance management, application delivery networking and load balancing, datacentre in-a-box, and data management and backup solutions. Most of our solutions are highly regarded by Gartner and will be found on their respective magic quadrants. The company distributes best-of-breed products, including Attivo Networks, Cofense, Carbon Black, Fortinet, F5, Hypergrid, Mellanox Technologies, NETSCOUT, ProLabs, RSA, Rubrik, SevOne, Silver Peak, Thales, Tintri by DDN and Uplogix.
Since its formation in 1994, Networks Unlimited Africa has evolved to become one of the very few true, value-added distribution companies in Africa. NU has continuously adapted to today’s increasingly competitive environment to provide product solutions that offer the best and latest solutions for companies across Africa, through our extensive partner network covering over 38 countries in Africa.