Australian Cyber Security Magazine (ACSM)
Breaking the ransomware business model
By Dale Heath, Head of Solutions Engineering, Rubrik A/NZ

Almost every week another ransomware attack hits the headlines, and each week seems more concerning than the last. Gone are the days of malicious payloads being delivered in poorly written spam emails. Today, attackers are taking a ‘hub-and-spoke’ approach to inflict the most damage, against the largest number of victims, with the least effort possible.

By weaponising the trust enterprises place in the service providers within their ecosystem, attackers continually thwart perimeter, endpoint, and application-layer security defences, gaining access to the data of hundreds – if not thousands – of businesses in one fell swoop.

With any inbound communication potentially posing a threat to Australian enterprises, a ‘zero trust’ approach ensures critical data is always protected and can be rapidly recovered following an attack. It is clear the ‘trust but verify’ approach to data protection is no longer adequate, and businesses must rethink their protection and ransomware recovery plans.
Zero Trust Data Management

The traditional approach to cybersecurity has been to adopt a fortress mentality, focusing on preventative measures and perimeter defences. This assumes 100% of attacks can be stopped ‘at the border’ while also assuming anything ‘inside the border’ can be trusted. Enterprises have been investing in such measures for decades, yet attackers are still able to thwart them time and time again. This demands a rethink.

While perimeter security still has its place, organisations need to consider how they can make their data resilient when an attacker breaches those defences – this is the core of a zero trust approach to security. Developed by the National Institute of Standards (NIST), zero trust is defined as “an evolving set of cybersecurity paradigms that move defences from static, network-based perimeters to focus on users, assets, and resources.”

Consider the physical security of a bank branch as an example. Its doors might include heavy locks, complemented with CCTV, alarms, and security guards. But once past these defences, are cash and gold left strewn in a storage room? No. They’re locked away in heavy safes. This is the heart of a zero trust model. It assumes everyone is a bad actor and grants access only to approved, safe members. The ‘crown jewels’ of every business today are its data, and that data must be protected in a similar way.