Following a spree of cyberattacks by the Lapsus$ hacking group using ransomware, the Federal Bureau of Investigation has released some preventive measures against the hackers.
Gadgets Africa reported that Lapsus$, one of the most talked-about and feared cyber-crime gangs, added ride-hailing company Uber to its list of victims, forcing the firm to close its internal operations last Thursday.
Other tech firms that the hacking group, which is run by teenagers, has attacked include Microsoft, Samsung, T-Mobile, and Okta, amongst others.
After the successful T-Mobile hack, the hackers in April 2022 reportedly attempted to access the T-Mobile accounts of the FBI and the US Department of Defense.
However, IndiaToday reported that the hackers' attempt failed due to additional verification measures that were in place on both organisations' digital presence.
As such, the FBI, according to MSSP Alert, issued the following 10 recommendations to organisations to prevent, avert or curtail ransomware cyber attacks from Lapsus$:
- Back up critical data offline.
- Ensure copies of critical data are in the cloud or on an external hard drive or storage device. This information should not be accessible from the compromised network.
- Secure back-ups and ensure data is not accessible for modification or deletion from the system where the data resides.
- Use multi-factor authentication with strong passwords, including for remote access services.
- Keep computers, devices and applications patched and up-to-date.
- Monitor cyber threat reporting regarding the publication of compromised VPN login credentials and change passwords and settings.
- Consider adding an email banner to emails received from outside your organization.
- Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs.
- Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
- Implement network segmentation.