Dual-defense strategy for network security
- By Michael Murray
- Sep 12, 2019
Recent headlines about ransomware attacks have elevated the urgency for public entities to implement effective measures to prevent cybersecurity breaches and avoid becoming the next news story. Government agencies, however, face unique challenges. They are often coping with limited technology budgets, poor cyber hygiene (including outdated and unpatched systems), a shortage of cybersecurity talent and dated or slow-to-upgrade IT footprints, all while accommodating a changing network landscape and seemingly countless devices connecting to municipal networks.
As security risks have multiplied and evolved, many municipalities have implemented a patchwork of solutions -- intrusion detection/prevention systems, firewalls, antivirus software, web filters, patching systems, etc. -- to thwart each new or anticipated tactic, but breaches still occur at an alarming rate. Protecting public systems could come down to one compelling solution: a zero-trust model with microsegmentation.
Shifting from implied trust to ‘show me your ID at the gate’
A zero-trust model does just what its name implies: It trusts no one without first authenticating the user's identity. Anyone -- both internally and externally -- trying to connect to systems must be verified before being allowed to proceed. Once an identity is authenticated, whether it is a user, a device or an application, that identity is then logged and used to further control access or movement within a network.
A zero-trust approach is particularly effective at an enterprise’s major areas of vulnerability -- its internet connections or front gates. Most organizations rely on broad network connectivity for communications, but the sheer number and complexity of the required interconnections may expose internal systems -- including devices and management systems -- to attack.
Cyber criminals often rely on vulnerability scanners for reconnaissance, probing networks and their connected devices for areas of weakness. The scanners seek to establish TCP/IP connections at various ports, gaining valuable information from devices that respond to such requests, sometimes even with firewalls in place. After gleaning enough information, hackers can strategize how to break in. Under a zero-trust model, authentication would occur before that critical TCP/IP connection could be established, keeping the front gate firmly closed.
Zero trust is critical on the inside also
While a goal of the zero-trust model may be to stop criminals at the front gate, that's not the only objective. In many instances, once criminals infiltrate a system, they move laterally through a network relatively unrestricted, inside clouds and data centers, to infect additional systems. For a truly robust solution, it is essential to pair zero trust with microsegmentation, adopting the same philosophy of zero trust for internal traffic.
One of cyber experts' top recommendations for protecting internal systems and devices is to segment and segregate networks and their functions, essentially creating barriers that will stop a bad actor from moving around within the network and halt the spread of malware to other systems. As a key security control, microsegmentation provides assurance about restricted access to systems not only to internal security staff, but also to regulators and auditors.
In a microsegmented network, a municipality will minimize and protect the interconnections between the functional parts of its network. One of the most straightforward approaches groups the enterprise network into nodes defined by roles and functions, such as accounting, engineering, administration, etc. Access to each node is then predicated on a requirement for authenticated identity, allowing only traffic from approved parts of a network, from allowed ports or carrying reasonable content, for instance. Some authenticated identities may not even be permitted to see which other nodes are available on a network, further shielding key assets should devices in other nodes become compromised.
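The role-based allowlist described above, as an added illustration that is not the article's own code or BlackRidge's product: segments are keyed by function, every flow is denied unless an authenticated identity matches an explicit rule, and an identity can only "see" the segments its rules reach. The address ranges, ports, rule set and identity groups are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Role-based segments (constructed address ranges for illustration).
SEGMENTS = {
    "accounting": ip_network("10.10.0.0/24"),
    "engineering": ip_network("10.20.0.0/24"),
    "administration": ip_network("10.30.0.0/24"),
}

@dataclass(frozen=True)
class Rule:
    src_segment: str
    dst_segment: str
    dst_port: int
    identity_group: str  # group the authenticated identity must belong to

# Allowlist: anything not listed here is denied by default.
POLICY = [
    Rule("administration", "accounting", 443, "finance-admins"),
    Rule("accounting", "accounting", 445, "finance-staff"),
    Rule("engineering", "engineering", 22, "engineers"),
]

def segment_of(ip):
    """Map an address to its segment name, or None if it belongs to none."""
    addr = ip_address(ip)
    return next((n for n, net in SEGMENTS.items() if addr in net), None)

def evaluate(src_ip, dst_ip, dst_port, identity_groups):
    """Decide a flow. Returns (allowed, reason); identity is checked first."""
    if not identity_groups:
        return False, "denied: no authenticated identity presented"
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return False, "denied: endpoint outside any defined segment"
    for r in POLICY:
        if (src, dst, dst_port) == (r.src_segment, r.dst_segment, r.dst_port) \
                and r.identity_group in identity_groups:
            return True, f"allowed by rule {src}->{dst}:{dst_port}"
    return False, f"denied: {src}->{dst}:{dst_port} not in allowlist"

def visible_segments(identity_groups):
    """Segments an identity can reach at all; every other node stays hidden."""
    return {r.dst_segment for r in POLICY if r.identity_group in identity_groups}

if __name__ == "__main__":
    # Constructed flows: an admin reaching accounting, then a compromised
    # engineering host attempting lateral movement into accounting (denied).
    print(evaluate("10.30.0.5", "10.10.0.9", 443, {"finance-admins"}))
    print(evaluate("10.20.0.7", "10.10.0.9", 445, {"engineers"}))
```

The same evaluator can be fed from a flow log to audit which observed connections would have been blocked before rolling the policy out.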
Attacker advantage eliminated
A zero-trust model with microsegmentation may be applied to new or existing network infrastructure, enabling public-sector entities to save the cost of building an entirely new system. The approach can reduce the spread of malware and help prevent data exfiltration, while enhancing compliance and regulatory reporting. Further, by stopping unauthorized users at the gate and thereby lowering the level of network traffic, zero trust reduces the load on a network and improves performance while preserving a secure environment.
Municipalities and other public entities increasingly feel like they have a target on their backs. And they do! It has been made abundantly clear that hackers now recognize the security shortcomings and rewards of municipal-level targets. Recent ransomware attacks crippled key systems in Baltimore and 23 cities and towns in Texas, creating small amounts of chaos. For every major headline, there have been several other small attacks that don’t make the front pages (two cities in Florida, three public school districts in Louisiana, a county in Indiana and others). Hackers know that a small disruption to the network can hinder operations for weeks at a time, and cities will often pay the ransom since doing so may be less expensive than updating their entire network.
Ransomware will continue to affect cities around the country -- especially small municipalities with talent gaps and minimal budgets -- until we can adopt a zero-trust environment with microsegmentation to validate identity and prevent hackers' lateral movement through networks.
Michael Murray is senior vice president and general manager of cyber physical systems at BlackRidge Technology.