Speak to Employees
In order to mitigate future attacks, you should ensure that all relevant personnel (including managers) have been informed about the attack and know what to look out for.
Two of the most common failings are not having the right tools in place and not training employees on their role in information security.
Employees hold credentials and knowledge that an attacker needs in order to breach the company's security, and phishing is one of the main ways an intruder obtains them. The purpose of phishing is to collect sensitive information, most often login credentials, with the intention of using it to reach otherwise protected data and networks. A phisher's success depends on establishing trust with the victim, and in the digital age the reconnaissance needed to build that trust is far easier than in the dumpster-diving days, because names, roles and reporting lines are often public.
In a phishing attack it is always individuals who are compromised first; the IT infrastructure is only reached after the attacker has hijacked their login data. The greatest emphasis must therefore be placed on employee awareness. With that in mind, consider the following:
Conduct training at regular intervals (at a minimum once a quarter) with your employees. Teach them the following:
What the signs of a phishing e-mail look like, paying careful attention to phony-looking sender names, sender domains (lookalikes such as a digit 1 in place of a lowercase l, or an extra word attached to a familiar name), and any misspellings in the subject line or the body of the message.
How to check a link before clicking it: hover over it so the mail client reveals the real destination, then compare the domain of that destination with the domain shown in the link text. If the two do not match, the link should be treated as malicious until IT Security has verified it. (Legitimate newsletters sometimes route links through a tracking domain, which is why the rule is "report and verify" rather than "assume it is safe".)
If they receive an e-mail or attachment they were not expecting, even from someone they know, to contact that sender through a separate channel (a phone call or a new message to a known address, never a reply to the suspicious e-mail) to confirm that it was really sent. If it was not, they should forward the message to the IT Security staff and then delete it from their inbox.
Always to trust their instincts: if anything looks suspicious, report it and, again, delete the message from the inbox.
How to verify the authenticity of any website they use. The padlock and "HTTPS" in the address bar show only that the connection is encrypted, not that the site is genuine (phishing sites routinely use HTTPS), so they must also check that the domain itself is the one they expect.
Never to click on pop-up messages of any kind that appear on their work-related devices.
At random intervals, have the IT staff send simulated phishing e-mails to see whether the training is sinking in. Merely opening a message is not a failure; if an employee clicks the link, opens the attachment or enters credentials on the landing page, they should be notified immediately that they fell for a simulated phish and be scheduled for further training. Track click and report rates over time so you can tell whether the programme is working.
Have your IT staff, especially your network administrator, stay on top of the latest phishing techniques.
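Two of the checks in the list above (spotting a lookalike sender domain, and comparing the domain a link displays with the domain it really points to) can be automated for an HTML e-mail. The following is an added example, not code from the original page; the trusted-domain list, the sample message and the edit-distance threshold are all constructed for the demonstration, and the "last two labels" rule for the registrable domain is a simplification that a production tool would replace with a public-suffix list.

```python
# Added example (not from the original page): automate two manual checks from
# the training list for an HTML e-mail:
#   1. sender-domain lookalikes (a From: domain that merely resembles a trusted one)
#   2. link mismatch (visible link text names one domain, the href goes to another)
# TRUSTED_DOMAINS, LOOKALIKE_MAX_EDITS and SAMPLE are assumptions made up here.
import email
import email.utils
import re
import unicodedata
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = ["example.com", "paypal.com"]   # constructed allow-list
LOOKALIKE_MAX_EDITS = 2                            # assumed threshold; tune per domain length


def registrable(host):
    """Last two labels of a hostname (crude; production code should use a public-suffix list)."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def fold_homoglyphs(domain):
    """Map characters attackers swap for each other (1/l, 0/o, rn/m, accented letters) onto one form."""
    ascii_only = unicodedata.normalize("NFKD", domain).encode("ascii", "ignore").decode()
    return ascii_only.lower().replace("rn", "m").replace("1", "l").replace("0", "o")


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_lookalike(from_header):
    """Return (sender_domain, trusted_domain) if the sender imitates a trusted domain, else None."""
    _, addr = email.utils.parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if domain in TRUSTED_DOMAINS:
        return None
    for good in TRUSTED_DOMAINS:
        if fold_homoglyphs(domain) == fold_homoglyphs(good) or edit_distance(domain, good) <= LOOKALIKE_MAX_EDITS:
            return (domain, good)
    return None


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


SHOWN_DOMAIN = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.I)


def mismatched_links(html):
    """Links whose visible text claims one registrable domain but whose href resolves to another."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        claim = SHOWN_DOMAIN.search(text)
        if not claim:
            continue                      # "click here" makes no domain claim; nothing to compare
        shown = registrable(claim.group(1))
        actual = registrable(urlparse(href).hostname or "")
        if shown != actual:
            findings.append((text, href))
    return findings


def analyze(raw_message):
    """Run both checks over an RFC 5322 message and return human-readable findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    hit = sender_lookalike(str(msg["From"]))
    if hit:
        findings.append(f"sender domain {hit[0]} resembles trusted domain {hit[1]}")
    body = msg.get_body(preferencelist=("html",))
    for text, href in mismatched_links(body.get_content() if body else ""):
        findings.append(f"link shows '{text}' but points to {href}")
    return findings


# Constructed sample message for the demonstration; not a real phish.
SAMPLE = """\
From: "PayPal Support" <security@paypa1.com>
To: alice@example.com
Subject: Urgent: verfiy your acount
Content-Type: text/html; charset=utf-8

<p>Please <a href="http://login.paypal.com.evil.example/verify">https://www.paypal.com/login</a>
to confirm your details, or <a href="https://www.paypal.com/help">click here</a> for help.</p>
"""

if __name__ == "__main__":
    for line in analyze(SAMPLE):
        print(line)
```

Run against the sample, it reports the sender domain paypa1.com as a lookalike of paypal.com and the first link as showing paypal.com while pointing at evil.example; the "click here" link is ignored because its text makes no domain claim, and the misspelled subject line is left for the human reader, which is the point of the training. A tracking-redirect domain used by a real newsletter would also be flagged, so treat the output as a reason to verify, not as proof of malice.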
Hiring a Cybersecurity Company
Consider hiring an outside cybersecurity firm to help you conduct a deep analysis of what actually transpired. They can offer solutions specific to your situation and carry out penetration testing to determine whether other, still unknown, security vulnerabilities exist in your organization.
Enable anti-phishing protection in the browsers on all workstations and mobile devices (servers should not be used for web browsing at all). These tools check the websites your employees visit against databases of known phishing sites. Such lists always lag behind newly registered phishing domains, so they supplement the training above rather than replace it.
Make sure that your network infrastructure is up to date as well, by routinely testing your firewalls, network intrusion detection devices and routers. Once again, a cybersecurity firm can help you establish the appropriate procedures for these tasks.
Firewalls are an effective way to block unsolicited external connections, acting as a barrier between your systems and an attacker. Host-based (desktop) firewalls and network firewalls used together bolster your security and reduce the chance of an intruder moving through your environment. Bear in mind, though, that a phishing e-mail arrives through a channel the firewall allows, so a firewall limits what an attacker can do with stolen credentials rather than stopping the phish itself.
Backing up Data
You should also back up your data regularly, both to another drive and to an offsite location such as cloud storage. You will be very grateful for this simple action if a hard drive fails or a phished account is used to encrypt or delete your files. Keep at least one copy offline or otherwise unreachable with the credentials an attacker could steal, and test restores periodically; a backup that has never been restored is only a hope. Good backup tools are available that are inexpensive or free. Make that investment now for peace of mind.
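The "test your restores" point above is the part most backup routines skip. The following is an added example, not code from the original page or any particular backup product: it archives a directory, records the archive's SHA-256, and then proves the archive restores to a tree identical to the source. The timestamped naming, the sidecar file name and the sample tree built in demo() are assumptions made for the demonstration.

```python
# Added example (not from the original page): back up a directory to a
# compressed archive, record its SHA-256, and then prove the archive restores
# cleanly by extracting it to scratch space and comparing it with the source.
# Paths, the .sha256 sidecar convention and the sample tree in demo() are made up here.
import filecmp
import hashlib
import os
import shutil
import tarfile
import tempfile
import time
from pathlib import Path


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def backup_dir(src, dest):
    """Write dest/<name>-<timestamp>.tar.gz plus a .sha256 sidecar; return the archive path."""
    src, dest = Path(src), Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    archive = dest / f"{src.name}-{time.strftime('%Y%m%d-%H%M%S')}.tar.gz"
    with tarfile.open(str(archive), "w:gz") as tar:
        tar.add(str(src), arcname=src.name)          # relative paths inside the archive
    archive.with_name(archive.name + ".sha256").write_text(f"{sha256_file(archive)}  {archive.name}\n")
    return archive


def trees_equal(a, b):
    """Recursive directory comparison by file contents, not just size and mtime."""
    cmp = filecmp.dircmp(a, b)
    if cmp.left_only or cmp.right_only or cmp.funny_files:
        return False
    _, mismatch, errors = filecmp.cmpfiles(a, b, cmp.common_files, shallow=False)
    if mismatch or errors:
        return False
    return all(trees_equal(os.path.join(a, d), os.path.join(b, d)) for d in cmp.common_dirs)


def verify_backup(archive, src):
    """True only if the archive still matches its recorded hash AND restores to a tree identical to src."""
    archive = Path(archive)
    recorded = archive.with_name(archive.name + ".sha256").read_text().split()[0]
    if sha256_file(archive) != recorded:
        return False                                  # corrupted or tampered archive
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(str(archive), "r:gz") as tar:
            # The 'data' filter (Python 3.12, backported to maintenance releases) refuses
            # absolute paths and '..' traversal inside the archive; skip it where absent.
            opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **opts)
        return trees_equal(str(src), os.path.join(scratch, Path(src).name))


def demo():
    """Constructed source tree: back it up, then show verification catching drift and corruption."""
    root = Path(tempfile.mkdtemp())
    src = root / "docs"
    (src / "sub").mkdir(parents=True)
    (src / "a.txt").write_text("hello")
    (src / "sub" / "b.bin").write_bytes(bytes(range(256)))
    archive = backup_dir(src, root / "backups")
    results = {"fresh": verify_backup(archive, src)}
    (src / "a.txt").write_text("changed")             # source drifted since the backup was taken
    results["after_source_change"] = verify_backup(archive, src)
    (src / "a.txt").write_text("hello")
    with open(archive, "ab") as f:                    # bit rot or tampering on the archive itself
        f.write(b"\0")
    results["after_archive_corruption"] = verify_backup(archive, src)
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(demo())
```

The two negative cases in demo() are the ones that matter in practice: a source that has changed since the last backup (the restore would silently lose data) and an archive that no longer matches its recorded hash (the restore would fail or, worse, restore something other than what was saved). Copying the .sha256 sidecar to a second location makes the hash check meaningful against an attacker who can modify the backup store itself.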