Zero Trust and MFA Thwart Breaches

Over the weekend, a cyberattack against the largest gas pipeline disrupted fuel delivery to a huge swath of consumers along the central and southern U.S. East Coast. This latest attack has Biden administration officials and its critics finally agreeing on something: the need for improved cybersecurity measures around critical infrastructure.

The Colonial Pipeline Co.’s pipeline shutdown was fueled by a ransomware attack. Hackers got far enough into Colonial’s network to steal data last Thursday. To contain the threat, pipeline officials took many of their systems offline, which resulted in a halting of all pipeline operations.

The situation is highly disruptive to a large segment of the U.S. population. It also illustrates why we say when it comes to user identities, the mantra should be “Trust no one.” The Zero Trust security model in a nutshell says no person – whether outside or even inside the network — is trusted, unless they can show authentication or verification of their user identity. The model uses user and application authentication, as well as device authentication to determine trust. Multifactor authentication (MFA) that considers who you are (identity and password) and what you have (such as a token, smartcard or virtual smartcard) is the best way to securely identify and “trust” users.

As our distributor, reseller and technology partner Thales noted in a LinkedIn post on Monday, “… in today’s remotely managed and highly interconnected digital world, identities have become the frontier of security”.

So what’s next? On May 12, the White House issued it’s anticipated “Executive Order on Improving the Nation’s Cybersecurity,” The EO bolsters the U.S. federal government’s ability to first detect, react to and investigate cybercrimes among government contractors. It will require companies doing business with the federal government to meet certain software security standards and will require them to report cyber incidents as they happen to a new office within the Department of Homeland Security. It will also establish a Cyber Safety Review Board. The EO also notes “The Federal Government must adopt security best practices; advance toward Zero Trust Architecture,” and more which is likely to include multiifactor authentication since hardware public key infrastructure (PKI) provides the highest level of user identity security.

Meanwhile, the perpetrators of the gas pipeline attack, DarkSide, released a statement on the web saying they hadn’t intended the breach to harm regular citizens. They did. Moreover, they have helped once again educate the public about the price of security failures – at least those that are known today. As with any breach, however, there are underreported effects, such as loss of a company’s reputation that can hurt current employees and their families as well as investors. There can be collateral damage on the communities impacted, such as disruptions in travel, disruptions in deliveries of food and other supplies, and worse. Cybercrimes against business create tremendous negative impacts and burdens on the original victims, but the ripple effects can be devastating as well.

Photo by Bermix Studio.

This post was first first published on Versasec Blog’s website by . You can view it by clicking here