Havoc Shield has identified a recent security threat. Refer below for the latest vulnerabilities along with recommended action steps.
Security Threat
FBI officials have warned about a dangerous and systematic escalation in Chinese targeting of networks and systems belonging to organizations in critical infrastructure sectors.
Recommended Action
These types of attacks will typically be a spray and pray method. To ensure that your business isn't victimized by these threats, ensure that you have an up to date Vendor Risk Register and a process for finding and updating vulnerabilities on your website and operating systems.
Additional Details
- China backed threat actors will use a spray and pray technique to target all critical vendors with a target company.
- These attacks are multifaceted and start with getting access to a critical system then using the information there to elevate the attack.
- While your company may not be an organization they are after — your vendors or customers could be, and may target you as a way in.
- Targets have included organizations in fields as diverse as biotech, aviation, artificial intelligence, agriculture, and healthcare.
Learn more about this warning from the FBI and these escalating attacks here.
How can Havoc Shield help you fend off these attacks?
Vendor Risk Register
A Vendor Risk Register is a rolodex of all of your vendors with a key component of the risk associated with the vendor. This catalog is critical for your business to understand where the risk lies. When completing this register you should as youself questions like:
- What kind of data do we share?
- If they had a breach how would that affect our business?
- What is the financial risk they serve should a breach happen?
OS and Software Patching
Havoc Shield's OS and Software Patching agent is a protective tool that will automatically update your operating system. An added bonus feature is that these patches are tested before being pushed to computers. So, you can patch the critical vulnerabilities on your operating system without having to worry about the update ruining your computer. These patches will only handle minor updates and not major ones. For example, the patching will not update your from Windows 10 to Windows 11.
Vulnerability Scans
Havoc Shield Vulnerability Manager allows you to easily handle all areas of your vulnerability scans in one place. You can upload scan targets, implement a scanning cadence, and manage the finding all in one place. These found vulnerabilites may not be important to you but they are candy for threat actors. One critical vulnerability can bring down an entire organization.
Schedule a call with us to learn more!
