DENVER — Professor Bob Bowles is the director for the Center of Information Assurance Studies at Regis University, and he teaches cyber security classes.
Bowles said he tells his students the next attack won't be a military one, but a cyber operation that could turn the U.S. into a third world country.
He has five tips for companies and other entities to avoid becoming the victim of a cyber attack.
1. Harden systems and applications
Bowles said companies need to "take a step back and look at our systems and their applications."
"Meaning, you only have the services and ports and things running that you need to have running on those systems," Bowles said. "You lock out the rest, take them off, remove them."
2. Patch operating systems and applications
"You’ve got to do that," Bowles said. "That is low-hanging fruit. Think about it, I can come at the operating system, attack your enterprise and then patch the hole that I used to get in on my way out, I can compromise administrator's credentials or those with elevated privileges, and it will look like Katie was in the personnel files last night digging around when it really wasn’t her, I just captured your user credentials and launched an attack externally, but it will look like an internal attack."
3. Update anti-virus and malware applications
4. Audit and certify accounts
Bowles recommends that companies do what they can to ensure that the user accounts affiliated with an organization belong to employees.
"So for example you’re working for 9NEWS," he said. "So 9NEWS needs to audit all of their user accounts that come into the organization that are their employees…at least quarterly and determine, 'well okay, is Katie still working for us? Or has she moved on to another organization?'
"And at least when you certify and you audit those accounts, then you can determine, is there a rogue connection? Is there a rogue account in there that should not be in there? Because most hackers are in our organization nine months before they ever launch their attack."
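The account audit described in tip 4, sketched as an added example (not from the article or from Bowles): it reconciles a directory account export against an HR roster and flags enabled accounts that have no current employee behind them or have gone more than a quarter without certification. The CSV layouts, column names and sample rows are constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample data (not from the article): an HR roster export and a
# directory account export, in a hypothetical CSV layout.
HR_ROSTER = """employee_id,name,status
1001,Katie,terminated
1002,Sam,active
"""
ACCOUNTS = """username,employee_id,enabled,last_certified
katie,1001,true,2024-01-10
sam,1002,true,2024-05-02
sam-admin,1002,true,2023-11-20
svc-sync,,true,2024-05-02
olduser,1003,false,2023-01-05
"""

QUARTER_DAYS = 92  # "at least quarterly": length of the longest calendar quarter


def audit_accounts(hr_csv, accounts_csv, today):
    """Return {username: [findings]} for enabled accounts that need review."""
    roster = {r["employee_id"]: r for r in csv.DictReader(io.StringIO(hr_csv))}
    findings = {}
    for acct in csv.DictReader(io.StringIO(accounts_csv)):
        if acct["enabled"].lower() != "true":
            continue  # disabled accounts cannot log in; out of scope here
        issues = []
        owner = roster.get(acct["employee_id"])
        if owner is None:
            issues.append("no matching employee")      # possible rogue account
        elif owner["status"] != "active":
            issues.append("owner no longer employed")  # "has she moved on?"
        age = (today - date.fromisoformat(acct["last_certified"])).days
        if age > QUARTER_DAYS:
            issues.append(f"not certified in {age} days")
        if issues:
            findings[acct["username"]] = issues
    return findings


if __name__ == "__main__":
    report = audit_accounts(HR_ROSTER, ACCOUNTS, date(2024, 6, 1))
    for user, issues in report.items():
        print(f"{user}: {'; '.join(issues)}")
```

Accounts flagged "no matching employee" include legitimate service accounts, so each one needs a named owner recorded before it is certified.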
5. Create mirrored backup servers
Here's what Bowles said that means:
"You’ve got your normal backups that you do on a routine basis like daily... so after you do your standard backup that’s going out to both devices or both storage capabilities or solutions you have, then you disconnect one," he said. "And that way if you get an attack in the middle of the night, and they’re coming to you saying, 'hey we’ve encrypted your data, we’ve encrypted all your storage capability, you got to pay so much in bitcoin to get it back,' you just say, 'no.'
"You turn it over to the Feds, you hand them over the evidence of what they do, you plug back in your backup that was disconnected that they could not get to."