
Zero Trust: A Response to the Kaseya Attack


The Kaseya ransomware attack that took place on July 2nd has sent shockwaves throughout the cybersecurity industry and throughout the American government. It is estimated that between 800 and 1,500 companies fell victim to the attack. The FBI has described the attack as a "supply chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple MSPs and their customers."

In response to the ransomware attack, the White House recommended businesses adopt a zero-trust security model to prevent future attacks from occurring. The zero trust model helps businesses address weaknesses in their security architecture to prevent bad actors from infiltrating a company.

What is Zero Trust?

The White House refers to zero trust as “Zero Trust Architecture.” It is a security model in which a company recognizes that it faces both internal and external threats and therefore places no implicit trust in any part of its security infrastructure. Zero trust is a “trust, but verify” approach to security, and it uses real-time data to determine access and system responses.

With zero trust, endpoints and users are not automatically trusted. This directly combats internal threats and people with rogue credentials who want to gain access to a company. Adopting zero trust exponentially strengthens a company’s security because nearly 80% of all attacks involve credential misuse and abuse. The real-time visibility provided by zero trust helps companies recognize and mitigate security risks, both internal and external.

What are the Benefits of Embracing Zero Trust?

Rigorous authentication: Many companies fall victim to attacks because they have weak or nonexistent authentication systems. With zero trust, all users will have to authenticate and verify their credentials when they access any company resource. When a user accesses a file, device, or application, they will be required to re-authenticate. 

Limitation of user privileges: One reason cyberattacks are so devastating is that a hacker can obtain an entry-level employee’s credentials and use them to access sensitive company data. With zero trust, users’ privileges are limited to only what they need to perform their job. Any additional access and privileges will be automatically removed to mitigate risks.

Logging: Zero trust has logging built into its security architecture. This means that all file accesses, network calls, emails, and other actions are monitored. When an attack or threat occurs, the company will have all the details needed to track down who is responsible and the methods they used to infiltrate systems. This makes it much easier for companies to detect compromised accounts and act quickly. 
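
The three benefits above can be seen working together in one per-request access decision. This is an added example, not code from the original post or from any product: the role names, resources, the 300-second re-authentication window and the log fields are all assumptions made for illustration.

```python
import time
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Constructed policy: each role is granted only the (resource, action) pairs its job needs.
ROLE_GRANTS = {
    "helpdesk": {("tickets", "read"), ("tickets", "write")},
    "finance": {("invoices", "read"), ("invoices", "write")},
}
MAX_AUTH_AGE = 300  # assumed re-authentication window, in seconds
AUDIT_LOG = []      # in-memory stand-in for an append-only log store


@dataclass
class Request:
    user: str
    role: str
    resource: str
    action: str
    authenticated_at: Optional[float]  # time of last successful login, None if never
    device_trusted: bool               # result of an endpoint posture check


def decide(req: Request, now: Optional[float] = None):
    """Deny-by-default decision made on every request; returns (allowed, reason)."""
    now = time.time() if now is None else now
    if req.authenticated_at is None:
        allowed, reason = False, "not_authenticated"
    elif now - req.authenticated_at > MAX_AUTH_AGE:
        allowed, reason = False, "reauthentication_required"
    elif not req.device_trusted:
        allowed, reason = False, "untrusted_endpoint"
    elif (req.resource, req.action) not in ROLE_GRANTS.get(req.role, set()):
        allowed, reason = False, "outside_role_grants"
    else:
        allowed, reason = True, "ok"
    # Log allows and denies alike so an investigation can reconstruct the sequence.
    AUDIT_LOG.append({"ts": now, "user": req.user, "resource": req.resource,
                      "action": req.action, "allowed": allowed, "reason": reason})
    return allowed, reason


def users_to_review(threshold: int = 2):
    """Users with at least `threshold` denied requests in the log."""
    denied = Counter(e["user"] for e in AUDIT_LOG if not e["allowed"])
    return sorted(u for u, n in denied.items() if n >= threshold)
```

A valid login alone never grants access here: a stale session, an untrusted endpoint, or a request outside the role's grants is denied and recorded, and repeated denials surface the account for review.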

