News of the ransomware attack on Kaseya has been widespread, since the attack took place over the American Fourth of July weekend. The attackers used a vulnerability in the company’s remote monitoring tool, exploiting a zero day vulnerability that impacted more than 1,000 businesses in several countries, stalling business operations. This type of attack within the ransomware space is known as a “supply chain attack”, where hackers use an IT tool trusted by users and networks, to access the system and damage and encrypt files.
As one of many recent high profile attacks, there has been more discussion about the need for organisations to adopt a strategy called “zero trust”. Zero trust means that no one is fully “trusted” on the network, regardless of their administrative status or if they’re an employee. It looks at all activity as a potential threat and requires IT departments to restrict privileges and require users to authenticate their identity and credentials.
Here’s how a zero trust architecture can protect your business:
- It gives you full visibility of your system to see the traffic and potential malicious activity
- It minimizes the attack surface by adding authentication steps that can halt attackers during their movement through your systems
- It can detect and stop hacks, when using zero trust-related IT and cybersecurity tools on all devices
- It provides more control by minimizing permissions access and ensuring only authorized employees can make significant changes
Contact us today to discuss a cyber security strategy for your organization and how you can implement zero trust to prevent attacks.