Operation Security: Policies to Prevent Cyberattacks on LLC


Added on  2020/04/21

AI Summary
This report analyzes the implementation of operation security policies to prevent ransomware attacks on a pharmaceutical company, LLC, which recently recovered from a ransomware incident. The report outlines several crucial policies, including regular data backups, enabling hidden file extension viewing, email filters, disabling files from AppData/LocalAppData, disabling RDP, software patching and updates, using reputable security suites, disconnecting from the network, and employing preventive kits like Crypto Locker Prevention. Each policy is discussed with supporting reasons, emphasizing their role in detecting, preventing, and correcting security flaws. The report highlights the importance of these policies in protecting critical accounting data and overall organizational security, presenting them as physical and administrative control methods to mitigate cyber threats and ensure business continuity. The report references several sources to support the recommendations.
Running head: OPERATION SECURITY
Operation Security
[Name of the Student]
[Name of the University]
[Author note]
Table of Contents
Introduction:
Discussion:
Policies for Mitigating attacks and supporting reasons for the policies:
1. Backing up of data:
2. Looking into the hidden file extensions:
3. Use of filters in the Emails:
4. Disabling of the files that are running from the folders of AppData/LocalAppData:
5. Disabling of the RDP:
6. Patching and Updating of software:
7. Using of the Reputable security suite:
8. Disconnecting from any type of network:
9. Use of different preventive kits:
Conclusion:
References:
Introduction:
LLC is a pharmaceutical company located in the Midwest of the US that employs around 150
people. The company recently suffered a ransomware attack but was able to recover with the
assistance of a third-party IT service company. The company has now decided to adopt policies
to guard against situations similar to the ransomware attack (Choi, Scott, & LeClair, 2016).
This report discusses some of these policies, how they can help the company, and the reasons
that support them.
Discussion:
Policies for Mitigating attacks and supporting reasons for the policies:
Several policies can be adopted to protect the company's details from any type of
cyber-attack. Some of the important policies the company can adopt to protect its data are
listed below:
1. Backing up of data: This is the most important way in which the company can avoid
threats similar to the ransomware attack. The policy includes creating backups on a regular
basis and keeping those backups up to date. This is an administrative control and also acts as
a preventive method against losing data.
2. Looking into the hidden file extensions: This process involves re-enabling the display
of full file extensions, which helps in spotting suspicious files. Files with extensions such as
“.PDF.EXE” are the main files attackers use to get into users' systems (Brewer, 2016). This is
also a preventative policy that can be adopted by the administrative department of the company.
3. Use of filters in the Emails: This includes the use of a mail scanner at the gateway to
reject files with an “.EXE” extension and to deny files that have two extensions. This is a
detective method used to prevent threats.
4. Disabling of the files that are running from the folders of AppData/LocalAppData: The
company can create rules within Windows or with intrusion prevention software that disallow a
particular behaviour if any attack attempt is made (Song, Kim, & Lee, 2016). This is a physical
method that can be adopted to prevent threats.
5. Disabling of the RDP: Most attacks are considered to be carried out through the Remote
Desktop Protocol (RDP), so by disabling RDP the company can avoid many types of attack
(Berriz, 2014). This is a physical control method that can be adopted by the administration.
6. Patching and Updating of software: Outdated software can be very advantageous for
attackers. The company can avoid this type of attack if it keeps updating its software at
frequent intervals. Software vendors often release security updates, and if the company
enables automatic updates, the software can visit the vendor's site automatically and update
itself. Automatic updating also helps avoid the risk of harm when malware authors disguise
their malware as software updates (Touchette, 2016). This is a preventive policy that the
company can adopt to prevent threats.
7. Using of the Reputable security suite: The company can adopt the policy of installing
both anti-malware software and a software firewall, which will help in identifying threats and
suspicious behaviour. Attacks can be of various types, so both types of security are necessary
to avoid them (Roa, 2017). This is a physical preventive control policy.
8. Disconnecting from any type of network: Attacks such as ransomware can be easily
avoided if the company immediately disconnects all its systems from the network after
identifying the characteristics on the screen. This is a physical preventive control policy in
which the administrators disconnect from the network in order to protect their privacy.
9. Use of different preventive kits: One such kit is the Crypto Locker Prevention kit,
which automates, through group policies, the disabling of files running from the App Data and
Local App Data folders, along with the disabling of executable files running from the temp
directory (Richardson & North, 2017). This is a physical preventive control policy for
protecting the company's data.
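The gateway check described in policies 2 and 3, as an added example that is not part of the original report: it parses a message and classifies each attachment name. The extension lists beyond “.EXE”, the narrowing of the two-extension rule to a decoy document extension followed by an executable one, and the sample message are assumptions made for this example.

```python
from email import message_from_string

# Assumed deny list; the report itself names only ".EXE".
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "vbs", "js"}
# Assumed decoy extensions placed in front of the real one, as in ".PDF.EXE".
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "txt"}

def verdict(filename):
    """Return 'double-extension', 'executable' or 'allow' for one attachment name."""
    # Win32 strips trailing dots and spaces, so "a.exe." is saved as a.exe.
    name = filename.strip().rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "allow"
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"

def scan_message(raw):
    """Return {attachment name: verdict} for every named part of a raw message."""
    results = {}
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if name:
            results[name] = verdict(name)
    return results

# Constructed sample message with one decoy attachment and one benign one.
SAMPLE = """\
From: billing@example.test
Subject: Invoice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.PDF.EXE"

AAAA
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="statement.v2.pdf"

AAAA
--b1--
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```

A name such as statement.v2.pdf is allowed because its final extension is not executable; a rule that rejected every name with two dots would also reject ordinary versioned documents.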
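An audit helper for the folder rules in policies 4 and 9, as an added example that is not code from the report or from the Crypto Locker Prevention kit: it reports which process image paths such rules would block, so exceptions can be agreed before the group policy is enforced. The default Windows profile layout, the extension list, the ExampleChat exception and the sample paths are assumptions constructed for this example.

```python
import ntpath
import re

# Folder rules for policies 4 and 9 (assumed: default Windows profile layout).
RULES = [
    ("Temp",         r"^[a-z]:\\users\\[^\\]+\\appdata\\local\\temp\\"),
    ("LocalAppData", r"^[a-z]:\\users\\[^\\]+\\appdata\\local\\"),
    ("AppData",      r"^[a-z]:\\users\\[^\\]+\\appdata\\roaming\\"),
]
BLOCKED_EXTS = (".exe", ".scr", ".com", ".bat", ".cmd")  # assumed list
# Hypothetical exception for a per-user application the business relies on.
EXCEPTIONS = [r"[a-z]:\\users\\[^\\]+\\appdata\\local\\examplechat\\update\.exe"]

def decide(image_path):
    """Return (action, rule) for one process image path."""
    # normpath collapses "..", "." and "/" so a crafted path cannot dodge the prefix match.
    path = ntpath.normpath(image_path).lower()
    if not path.endswith(BLOCKED_EXTS):
        return ("allow", None)
    for rule, prefix in RULES:
        if re.match(prefix, path):
            if any(re.fullmatch(e, path) for e in EXCEPTIONS):
                return ("allow", "exception")
            return ("block", rule)
    return ("allow", None)

def audit(paths):
    """Return (path, rule) for every path the rules would block."""
    return [(p, rule) for p in paths for action, rule in [decide(p)] if action == "block"]

# Constructed process image paths, as they might appear in process-creation logs.
EVENTS = [
    r"C:\Program Files\Vendor\app.exe",
    r"C:\Users\jlee\AppData\Roaming\invoice.pdf.exe",
    r"C:/Users/jlee/AppData/Local/Temp/7z001/setup.exe",
    r"C:\Users\jlee\Documents\..\AppData\Local\ExampleChat\update.exe",
    r"C:\Users\jlee\AppData\Local\..\..\Desktop\tool.exe",
]

if __name__ == "__main__":
    print(audit(EVENTS))
```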
Conclusion:
Adopting the policies discussed above, along with the control measures, will greatly help
in identifying threats and avoiding them easily. The policies should put more emphasis on
protecting the company's accounting data, as the accounts form the backbone of any type of
organisation. All the policies stated above are physical and administrative control methods
that help in detecting, preventing and correcting any type of flaw in the company.
References:
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
Song, S., Kim, B., & Lee, S. (2016). The effective ransomware prevention technique using
process monitoring on android platform. Mobile Information Systems, 2016.
Choi, K. S., Scott, T. M., & LeClair, D. P. (2016). Ransomware against police: diagnosis of risk
factors via application of cyber-routine activities theory. International Journal of
Forensic Science & Pathology.
Berriz, C. (2014). Cybersecurity and United States Policy Issues. Global Security Studies, 5(3).
Touchette, F. (2016). The evolution of malware. Network Security, 2016(1), 11-14.
Roa, R. E. E. (2017). Ransomware Attacks on the Healthcare Industry (Doctoral dissertation,
Utica College).
Richardson, R., & North, M. (2017). Ransomware: Evolution, Mitigation and
Prevention. International Management Review, 13(1), 10.