The SolarWinds Hack: Inside the "Hamster Wheel" of Breach Prevention
The depth and scope of the SolarWinds hack has shaken cybersecurity teams and made them question how—or if—they can prevent their systems from being compromised again. Here are some tips and strategies to ensure the highest level of defense.
New details are still emerging about the SolarWinds attack that overwhelmed the cybersecurity industry at the end of last year. Recently, the US Justice Department said the hackers took control of the department’s Office 365 system and accessed emails from a few thousand staffers. This was discovered on December 24, 2020, nine days after the initial hack was announced, and further highlights how pervasive it was.
Several other federal agencies have said they were also affected by this hack, along with Microsoft and FireEye. Overall, the attack was extremely eye-opening and underscores the critical message that we have to remain vigilant and enhance our security programs with multiple layers of protection to protect sensitive data.
That is why PKWARE is taking several approaches to protecting sensitive data for our customers by eliminating security gaps through "Defense in Depth" and "Zero Trust."
Defense in Depth
By having multiple layers of protection in place, it’s harder for hackers to get their hands on sensitive data. Taking a layered approach to information security makes up for a failure in a security control or if a vulnerability is exploited in a single security tool or layer. The more layers of defense with intentional redundancies increases the security as a whole and protects against attacks from a variety of vectors.
Further, access control keeps people from obtaining information they are not supposed to have access to based on their role, department, clearance or other factors. Persistent encryption is a layer that ensures that if hackers do manage to bypass the access control, all they get is an encrypted file, which is useless without the key.
The zero trust strategy really means organizations don’t trust anyone—on the inside or outside. Therefore, everything and everyone that are trying to connect to systems must be verified. This helps prevent against so-called Trojan Horse breaches, and ensuring organizations have the right people and processes in place to respond in case a breach does happen.
Another method that organizations could do to ensure protections is to pay for bug bounties. This is when a hacker finds a flaw or issue with the software and offers it up to the company in exchange for a fee. If companies pay the bounty, they will have access to what the failure was and fix it before someone else has the time to find it. The alternative is that the hacker could sell this information on the dark web for a large amount of money, putting the vulnerability in the hands of others who could use it to do more damage.
A Renewed Focus on Data Security
As the massive SolarWinds hack has shown, there is no silver bullet to prevent another breach like this. All organizations can do is remain vigilant and use trusted experts and vendors that create multiple layers of protection for their sensitive data, and have an attack plan in case of a breach.
To put it in context, say an organization is using an access management solution like Microsoft Active Directory (AD) for file access and a separate account for PKWARE users outside of AD. If at any time the PKWARE user credentials are stolen, the attackers could have the keys, but not the encrypted files. Or vice versa: An attacker steals a user’s AD credential, at which point the attacker has the encrypted files, but not the keys to decrypt them. This process adds multiple layers of protection in case one system fails or a hacker gets the credentials to one system.
With all this being said, the biggest problem in cybersecurity is still the usability. All the protections in the world won’t safeguard an organization if they don’t take advantage of them and set everything up how it was meant to be used. Many cybersecurity and data security professionals say even with as many protections as possible, you still need software that detects a hack in real-time. Some go so far as to say you should expect to be hacked, which is why you need an effective and efficient response plan. Defense in Depth and Zero Trust are good places to start.
Add additional layers of protection to your organization’s sensitive data. See how it works first hand by requesting your FREE demo now.