Following large-scale hacks, information security experts suggest adopting the Zero Trust model
A series of large-scale cyberattacks that exposed dangerous vulnerabilities in US cybersecurity has prompted government officials and cybersecurity professionals to use the Zero Trust model as a way to stop attackers' malicious campaigns.
Researcher John Kindervag, in his 2010 article, recommended that administrators of sensitive computer networks not trust anyone, regardless of the employee’s position.
“Once an attacker gets past the shell, he has access to all the resources in our network. We’ve built strong perimeters, but well-organized cybercriminals have recruited insiders and developed new attack methods that easily pierce our current security protections. To confront these new threats, information security professionals must eliminate the soft chewy center by making security ubiquitous throughout the network, not just at the perimeter,” John Kindervag wrote.
At the time, the specialist's words were not taken seriously, but now this concept may become a solution to modern problems. For example, in February of this year, the US National Security Agency issued guidance urging network owners associated with national security and critical infrastructure to adopt the zero-trust model.
Calls for a zero-trust model have intensified in recent months after foreign-government-funded hackers breached the computer networks of US software maker SolarWinds and Chinese hackers began exploiting vulnerabilities in Microsoft Exchange software to compromise tens of thousands of organizations.
Experts understand that zero trust would not have prevented the breaches, but it would probably have limited the damage.
“At the very least, this security measure would give the US a better chance of detecting the movements of intruders, preventing them from freely roaming government and private networks,” experts suggest.
In many existing computer networks, after logging into the system, the user can move freely and access information without additional verification. Some cybersecurity experts call this approach “castle and moat”, as it provides perimeter protection through investments in firewalls, proxy servers and other tools to prevent hacking, and assumes that activities within the company are mostly secure.
Zero Trust uses a different approach in which any authorized user is treated as suspect and cannot freely roam the system without authenticating their credentials for each additional connection.
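
The contrast between the two models can be shown in a few lines of Python. This is an added example, not code from the article or from any product it mentions; the HMAC-signed token format, the `POLICY` table, the user and resource names and every function name are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed; real systems use a managed secret
# Constructed policy: resources each user may reach.
POLICY = {"alice": {"mail", "wiki"}, "bob": {"wiki", "payroll-db"}}


def _sign(user, resource, expires):
    msg = f"{user}|{resource}|{expires}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()


def issue_token(user, resource, now, ttl=60):
    """Mint a short-lived credential bound to one user and one resource."""
    expires = now + ttl
    return f"{user}|{resource}|{expires}|{_sign(user, resource, expires)}"


def verify_token(token, resource, now):
    """Return the user if the token is authentic, unexpired and for this resource."""
    try:
        user, bound_to, expires, sig = token.split("|")
        expires = int(expires)
    except (ValueError, AttributeError):  # malformed or missing token
        return None
    expected = _sign(user, bound_to, expires)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    if bound_to != resource or now >= expires:
        return None
    return user


def perimeter_connect(session_user, resource):
    """Castle and moat: a logged-in session reaches every internal resource."""
    return session_user is not None


def zero_trust_connect(token, resource, now, audit):
    """Check credential and policy on every connection; log each decision."""
    user = verify_token(token, resource, now)
    allowed = user is not None and resource in POLICY.get(user, set())
    audit.append((now, resource, "allow" if allowed else "deny"))
    return allowed
```

The `deny` entries accumulated in `audit` are the kind of signal the experts quoted above have in mind: a credential presented to a resource it was not issued for leaves a record instead of passing silently.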