Western countries agreed to supply Ukraine with new weapons and ban Russia from SWIFT payments. Russia might respond to Western countries with cyberattacks. Many businesses and institutions are probably unprepared and vulnerable. What can be done quickly to protect hardware and data when you are not technically savvy?
If you waited until now to ask, your problem is executive/managerial in nature. If you're serious, get a consultant to help you evaluate or build a security program (KPMG, Mandiant, etc.). You don't need to do one-off changes here and there so you can feel safe; you need a functioning program/team that would get you to where you don't need to panic about random world events of all things.
Depends on how many devices you're protecting. 10 computers or less. Simple Link Aggregation Group (LAG) that supports NIC drivers through LACP. Three channels per on device. A good suggestion is a 10 Channel with a minimum of 16 gigs operational power. That gives you an inner wall of protection. Assuming this is for a business (commercial), take a slab of empty server decks and use node32 to harden your setup to outside MIM, DoS, and RWs. Remove or deauthorize any outbound connections, i.e., WiFi, BLE, NFC, SDR, USB, ether, CAT5-6. Deauthorize all tokens, cookies, keys, UIDs, to only one person. Close all your open ports. Limit the requests between ISP, SP, HP (prevents flood attacks). Create a dummy cache that appears (running same amount of processors, bws, CPUs, and applications). Turn off UDP, but allow for TCP. Use netstat cmds to mirror all ports. End2End and in-transit encryption protocols, depending on Geo Fencing potentially limit any communications with known users or clients. Check for updates on all hardware that connects to your network. Printers, TV, mouse, keyboards; if you're using VoIP, update that. All hardware updates. Physically back up everything to a static drive not connected to internet. Limit your CPUs to low or limited to prevent any type of unwanted transfer or breach. Make it where one person who is the IT manager allows for any access, to limit an employee from accidentally being the reason a black hat got into your network. Think like a criminal. Know or understand your mark's intent. Change all your credentials, biometrics, UIDs, or any other type of token access for employees who work from home. Lastly, check for updates on all PSP software. Look for any patches, or CVEs related to said hardware. Limit access to everything, unless it hurts your business. Re-check this every 12-24 hours. Daily. -veritas
I second this. Also, if you have particularly large databases, consider snapshots to improve recovery speed. Also consider air-gapped backups, just in case your primary backup appliances are compromised.
Edit: also focus on your business continuity plan. Organizations often expect after an attack to have their systems down for a day or two; they won't be. It could be weeks or months before everything is back up and running. You need to know how you're going to run your business in the interim.