The current Russia-Ukraine crisis is evolving fast, leading to an increased cyber threat risk.

Education Horizons is committed to providing recommendations to our customers, to help ensure their data is secure. For hosted customers, we are continuing to monitor for suspicious activity and indicators of compromise.

Key recommendations:

1. Review internal and external attack surfaces and implement a “least privilege” approach, including:

  • Review and restriction of port forwarding
  • Use of VPN to access internal resources
  • Geo-blocking
  • Patching all assets
  • Auditing user access

2. Review backups:

  • Ensure backups are successfully completing
  • Test of existing backups
  • Review backup locations and ensuring separation from the production network – this can include an offline back in the event all online systems are compromised.

3. Implement MFA: (Multi Factor Authentication)

  • For applications that cannot leverage MFA, or do not currently have MFA implemented, geographical or IP whitelisting is recommended

4. Educate and train users on email security, including defence against common attacks such as:

  • Phishing: the most common way into a business or school network is still through phishing. Consider phishing awareness training and perhaps a phishing simulation to assess your vulnerability.
  • Impersonation
  • Social Engineering
  • Suspicious attachments

5. Review and implement controls from the ACSC Essential Eight

6. Review and monitor the related advisory provided by the Australian Cyber Security Centre