Oct 30, 2017, 15:04 PM
A small misconfiguration on a server for the NFL Players Association led recently to a massive data breach
, compromising the personal information of at least 1,135 current and former National Football League players.
The NFLPA confirmed that players’ home addresses, mobile phone numbers, email addresses, colleges, dates of birth, and agent fees were part of the exposed data.
Prominent player names associated with the breach include Colin Kaepernick, the former San Francisco 49er quarterback who has become the face of the current protest movement among NFL players taking a knee during the national anthem.
The former quarterback has received numerous personal threats following his decision last year to protest his social concerns by not standing for the anthem, and exposure of his personal data heightens the threat to his safety.
The Players Association says the data breach was limited to a two-hour period when the server was open to unauthorized scrutiny. It remains to be seen, however, how much damage was done – the hacker(s) threatened to make the data public if a bitcoin payment was not received within 120 hours.
Given the polarizing attention directed toward the NFL by President Trump, the NFLPA can expect malicious hacking attempts to continue. The Players Association is now well aware of how quickly an incursion can occur when the proper safeguards and data-protection strategies are not in place. They will have to act swiftly and decisively to insure that adequate data-protection backup standards are met.
Highest Possible Stakes
For Mr. Kaepernick, the breach carries the potential for serious personal consequences. For businesses, too, ransomware attacks have become a threat to survival.
The rise of ransomware attacks on businesses remains prominent public news. A 2016 report by the Financial Times listed malicious cyber attacks as the leading cause of all corporate data loss, surpassing even employee error.
The same report predicted their increase by 250% the following year. As in football, sometimes the best game plan against a highly mobile offensive threat like cyberwarfare is containment.
The Best Defense: 10 Steps
KeepItSafe® outlines 10 achievable steps that your business can take right now to protect against the ever-present threat of a ransomware attack:
- Implement a plan to regularly scan and test all networked devices.
- Ensure that all company-issued devices, as well as any personal devices that interact with your network, contain the latest anti-virus software or other tools to prevent the introduction of malicious code.
- Restrict access to compromised apps on network devices.
- Whitelist applications that require approval from authorized administrators to grant permissions for those apps or programs to run on networked devices.
- Keep your operating systems and software up-to-date with new patches.
- One of the easiest points of entry for cyber hackers is through an application or operating system that is out of date; keep up with the latest security patches for all apps and operating systems your company uses.
- Isolate infected devices quickly.
- Disconnect from your network any device you suspect of being infected with malware.
- Filter for .exe attachments in email.
- Filter for executable files attached to your company’s emails to reduce the likelihood of a crypto ransomware attack sneaking onto your network.
- Disable files running from appdata folders.
- Create rules within Windows or with intrusion-prevention software to default to disallowing any executable file to run from these folders.
- Disable remote desktop protocol (RDP).
- If you don’t require the use of RDP, disable it to protect your machines from Filecoder and other RDP exploits.
- Protect your operating systems and apps.
- Your system-protection process should include steps to secure your apps and systems as well as files and folders.
- Train your staff and test readiness for an attack.
- Don’t open suspicious emails or download apps/files from websites unless certain of their legitimacy, isolate infected devices, and perform regular tests to teach employees how to react to a cyber attack.
- Implement a comprehensive data backup and recovery plan.
- Roll out a company-wide solution for backing up all corporate data on all systems and devices, as well as a disaster-recovery and business-continuity program. Ideally, the solution will be cloud-based with a trusted provider who maintains all of your data securely in the cloud and across multiple, geographically distinct locations — with immediate failover should one of these locations suffer an outage or natural disaster.
To learn more about defending against a ransomware attack, please visit our solution page or check out our webinar, "Disaster Recovery in the Age of Ransomware".