Cyberattacks are becoming more and more prevalent. While the Colonial Pipeline was probably the most talked about attack this quarter, it was definitely not the only one. Hundreds of recorded incidents in the past quarter have put organizations at risk. These include malware injection, phishing, and more, and have affected organizations worldwide. Here are four of the most significant breaches of the past quarter, and how zero trust security could have helped prevent them or mitigate the risks.
1. Colonial Pipeline: Ransomware Attack
Colonial Pipeline is one of the largest pipeline operators in the US, providing ~45% of the fuel for the US east coast. In May 2021, its billing system was attacked and the company shut down operations completely. Within a few hours, the company paid 75 bitcoins (~4.4 million dollars) to the hackers. As a result of the attack and the six-day shutdown, numerous fuel shortages were experienced, flights were rescheduled and fuel prices rose.
How Zero Trust Could Have Helped: Preventing Further Penetration and Avoiding Shutdown
With zero trust, Colonial Pipeline would not have to shutdown to contain the attack. Zero trust cloaks the network from attackers. Therefore, it would have prevented the attackers from finding and accessing the valuable, operation core systems. Even if the attackers would have been able to find the crown jewels, ongoing device and user authentication would have prevented access in any case.
2. American Family Insurance: Credential Stuffing
Attackers gained access to users’ driver license numbers by identifying with their names and addresses. In other words, they used PII to gain access to more PII. This was done with automated malicious bots.
How Zero Trust Can Help: User Validation and MFA
Zero trust implements multi-factor authentication (MFA) before providing access to assets and information. With MFA, users are granted access only after they are verified through two factors or more. In this case, a name and address would not be enough. MFA would also require a personal token, geolocation identification, biometric data, or another factor. This enables MFA security solutions to reduce the risk of data breaches. Read more about MFA here.
3. Japanese Dating App: Unauthorized Server Access
Personal information of 1.7 million account holders of a Japanese dating app was exposed, following unauthorized access to servers. The personal information that was leaked included drivers’ licenses, passports and insurance cards.
How Zero Trust Can Help: Device Authentication
Zero trust prevents unauthorized users and devices from accessing servers and internal systems by continuously authenticating identities. Based on the “trust no one” concept, zero trust would have prevented the attackers from accessing the app’s servers. The attacker’s devices would not have been authenticated, and the personal information would be safe.
However, even if attackers did gain access to the system, they would not have been able to see its different components and architecture, since they are not an authenticated device. As a result, they will not be able to progress laterally.
4. Edinburgh Metal Health Clinic: Phishing Scam
Phishing emails were sent to the clinic’s patients, in an attempt to make them download files. The email was disguised as a legitimate email from the clinic, containing an important document. The patients notified the clinic, and the Scotland Police’s cyber unit is now involved in the investigation.
How Zero Trust Can Help: System Access Prevention
Zero trust helps prevent phishing attacks by blocking perpetrator access to assets like email servers. This is done both by blocking the network from the attackers’ views, as well as continuous authentication through methods like MFA and single sign-on (SSO). Read more about preventing phishing attacks here.
How to Prevent Cyber Attacks with Zero Trust
While the number of cyber attacks is rising, organizations can implement zero trust to protect themselves. As a result of the zero trust model, perpetrators are denied access to the network, and if they are in it, they cannot access it or advance within it. Cyber attacks can be handled in this manner.
Cyolo is the leading zero trust access provider for organizations that want to protect their assets and customers. By securely connecting all users from anywhere without requiring a VPN, and authenticating devices, Cyolo enables employees to focus on their work and the business to grow. Cyolo provides advanced user management features, real-time recording abilities and an easy to use UI. Cyolo can also integrate with your VPNs, if needed.
Cyolo takes mere minutes to implement and is compatible with any network topology and identity infrastructure. In addition, Cyolo does not have access to the organizational data. Not only does this ensure true privacy and security, it also improves performance as a better user experience. Request a demo to learn more.
