The pandemic is poised to leave a lasting impact across the global business landscape: namely, our overall mentality around work and the booming increase in remote operations across both the public and private sectors. Most employees are now working from home, and are oftentimes accessing sensitive company information from unsecure networks. More recently, there has been extra pressure on cyber defense in the United States as some of its largest organizations across the country have fallen victim to some form of a security breach.
This boom in ransomware attacks has coincided with a fast-moving shift to remote work: more than 304 million attempts took place in 2020, and the current average in 2021 is about 7 per hour. As the United States continues to face attacks across critical sectors — energy and infrastructure, healthcare, and operational technology (OT) — a cultural shift in cybersecurity is taking place. The Kaseya ransomware incident is the latest example of a highly sophisticated attack whose implications have governments increasingly worried.
The world is being exposed to new data vulnerabilities as it switches to a more hybrid remote work culture. For businesses and organizations, achieving true zero trust architecture means looking toward identity-based solutions that are flexible and can support the work-from-anywhere environment. Following these new blueprints for cybersecurity will enable the U.S. (and other governments) to help mitigate the massive challenges that lie ahead.
The ransomware pandemic
Looking at the increase in ransomware incidents over the last year, one can easily identify several contributing factors that explain why these attacks have gained traction. The pandemic has kept employees remote for much longer than anticipated, leading to new gaps and holes in enterprise security that IT and security teams have been scrambling to mend. Over a year later, keeping sensitive company information and IP secure while constituents are scattered across the country — instead of working from the safe confines of their office VPNs — has been an issue that many struggle to solve.
The cryptocurrency boom has also given hackers the ability to remain anonymous while cashing out on large-scale raids. The ability for hackers to hide behind an anonymous ransomware group and engage in nefarious exchanges of cryptocurrency for data makes carrying out these hacks all the more appealing to threat actors. And people are catching on. Some of the most sophisticated ransomware groups are offering to sell their tools to aspiring hackers, leading to the emergence of “ransomware as a service.”
Ransomware attacks have proven to be extremely lucrative for successful hackers. The Colonial Pipeline breach in May resulted in a loss of almost $5 million in Bitcoin. Mere weeks later, across the United States and Australia, the JBS hackers made off with $11 million. Although many of these attacks are simply born out of opportunity, targeted ones against ill-prepared small and medium-sized businesses (SMBs) and public entities have been on the rise. Almost half of all SMBs have been the target of ransomware to some degree, and over 70% of those SMBs affected have actually had to pay a ransom. The problem is that SMBs don’t always have the means to defend themselves against an attack, so they default to paying the ransom in order to maintain business continuity and keep customers happy.
Ransomware attacks are now viewed as a dual threat, rather than simply the risk that an organization loses its data. There is now also the potential for your data to be released and sold on the open market. Offense today is outperforming the defense mechanisms that aim to combat these breaches. Businesses of all sizes should be increasingly proactive in taking a more aggressive approach to improving their cybersecurity posture and structures.
Why zero trust
Zero trust may be the latest buzzword in cybersecurity, but it is quickly becoming an integral solution for preventing damaging cyber-attacks and data breaches. Yet few companies seem to have a real grasp of how it works. Zero trust operates under the premise that ALL networks are insecure, so access to each resource must be evaluated individually and continuously to determine who is allowed in. This verification is done every time a user wants to access a component of the network, ensuring that users are only accessing what they are approved to access. This idea of continuous verification is critical to stopping attackers both inside and outside the network.
Pre-pandemic, the general awareness around the importance of good cybersecurity practices certainly existed, but it wasn’t fully acknowledged. But as technology evolves and the frequency of data breaches increases, this past year proved to be a prime example of how quickly the landscape has changed. Cybersecurity needs to evolve quickly in order to be able to remain ahead of the curve and perform effectively.
Although there are uncertainties around the immediate future of zero-trust network access adoption, new standardizations have laid the groundwork for the simplification of future complex government cybersecurity strategies. Flexible solutions are key as we look ahead to a future where hybrid work is shaping up to become standard.
We must be mindful that cybersecurity is not a “one size fits all” solution, especially when considering that larger organizations are normally the primary victims of these breaches and hacks. SMBs are just as vulnerable, if not more so, because they are viewed as the “low hanging fruit.” Despite perhaps not being a big win financially, they are still easy targets and are more likely to comply with a hacker’s demands because they have limited options when it comes to trying to recoup their compromised data.
Concerns over widespread gaps in network security and the growing pool of malicious hackers have been raised ad nauseam by a global community of researchers and field experts, but action is finally taking place to improve overall security posture. In particular, it’s encouraging to see that governments are looking at zero trust more closely, as seen in the new executive order in the United States that aims to make up for shortcomings and provide a more uniform approach to cybersecurity across the board. However, in order to cater to an organization’s needs, cybersecurity should be looked at more holistically in order to cover more ground and fully protect the organization’s assets. The EO provides the groundwork and guidelines mentioned above, giving organizations a foundation to build on and to optimize their cybersecurity solutions as they see fit, as a way to ensure they are fully secure for the future.
Almog Apirion is CEO of Cyolo.