Researchers from Germany and Hawaii demonstrated how communication from outer space—yes, outer...
Malware from Aliens: Why Zero Trust is the Only Policy
Researchers from Germany and Hawaii demonstrated how communication from outer space—yes, outer space—is inherently untrustworthy. In their paper, they demonstrate how in the time and effort taken to decipher the extraterrestrial “hello,” we may miss alien malware that is completely foreign to us. They recommend completely destroying any complex message from space in order to avoid all risk.
While this sounds far-fetched, we should examine the metaphor of alien access attempts. We may not have to worry about aliens phoning us, but the example illustrates how we don’t ever truly understand the motives of someone accessing our network.
This is why we must adopt a Zero Trust model for securing our environment. Zero Trust is a security framework based on the concept that an organization should never trust anything inside or outside its perimeters. Instead, it should verify anything and everything attempting to connect to its systems prior to granting access. Companies should ensure all resources are accessed securely and should actively inspect all logs to make sure everyone is playing by the rules.
If you want to know why we should be implementing Zero Trust, consider the following statistics:
- The 2017 Annual Cybercrime Report from Cybersecurity Ventures predicts that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Zero Trust is applicable across all industries, completely scalable, and does not violate any civil liberties.
- Additionally, the 2017 Data Breach Study, sponsored by IBM and conducted by Ponemon Institute, found the global average cost of a data breach to be $3.62 million. Gartner, Inc., a tech research and advisory firm, had forecasted global spending on security to reach $96 billion by 2018.
It is also a wise practice to adopt the principle of least privileges policy. In the fields of information security, computer science, and a variety of others, this principle states that subjects must only be able to access the resources and information deemed absolutely necessary for their legitimate purposes. In the past, it was assumed that just because you might possibly need access to certain system permissions, you should have them. By eliminating this assumption and providing bare minimum access, you are creating better security for your company. Additionally, there is minimized potential for attack when access is only granted on an as-needed basis, rather than as a blanket security privilege. A recent and well-known example would be the Target customer account data breach. This occurred because an HVAC contractor had permission to upload executables, resulting in one of the largest data security breaches. Had the principle of least privileges been implemented, Target would not have created such a broad attack surface for the cybercriminals.
While the HVAC contractor wasn’t quite a Martian from outer space, he was alien to the secure information Target was housing. Shouldn’t every potential intruder be treated as an alien? The entire principle of Zero Trust lies in the concept, “Never trust, always verify.” Essentially, any external access attempts need to be treated as unsafe unless proven otherwise.
Currently, there are estimated to be 11 billion connected devices in the world, creating the greatest risk known so far within information security. The threat landscape has increased drastically, and it is easier to exploit traditional security models that are built around flat, open networks. The notion that internal traffic is inherently safe couldn’t be further from the truth. The safest option is the Zero Trust policy, which mandates ALL traffic, internal and external, be logged, inspected, and verified.
By implementing a mindset of not implicitly trusting our environment and adapting to explicitly trusting, we can avoid even the most far-fetched intrusions—such as malware from aliens! Firewalls can no longer be blindly trusted, and we cannot rule out any kind of external threat, whether it is from mobile devices, remote contractors, or even little green men. The bottom line is, Zero Trust is the most effective way to keep any network secure.