Cyberattacks and data breaches are a daily occurrence, but some incidents stand out from the rest. In 2020, the most visible attacks exploited supply chain vulnerabilities. Addressing this type of cybersecurity risk is a priority for security teams, and one of the most important steps toward accomplishing this is implementing a zero trust architecture.
Supply Chain Attacks Are Making Headlines
While most of the news about the SolarWinds and Accellion incidents came out in early 2021, these attacks occurred and were detected in 2020. In both cases, cyberattackers leveraged poor security practices in an organization’s third-party vendors or suppliers to gain access to their customers’ networks and systems.
In the case of SolarWinds, the attackers exploited a chain of vulnerabilities to gain high-level access to the company’s update management server. With this access, the attackers were able to insert malicious code into updates for Orion, the company’s network monitoring solution. Once customers installed the updates, the malicious code created a backdoor, providing the attackers with a foothold on customers’ networks.
The Accellion breaches took advantage of vulnerabilities in a file transfer utility created by the company. After identifying vulnerable customers with an online scan, the attackers could gain access to the documents transferred over the legacy software. The vulnerability allowed the attackers to install a web shell, enumerate and download the documents stored in a database associated with the file transfer app, and clean up after themselves afterwards. Since Accellion’s file transfer application is used by a number of organizations to transfer files too large to fit in an email, the incident has affected hundreds of Accellion’s customers and has created significant security and privacy issues for these organizations and their customers.
Minimizing Vulnerability with Zero Trust
Historically, many organizations have adopted a perimeter-focused security strategy. Under this model, anyone inside the organization’s network perimeter is considered “trusted” and granted full access to the organization’s network and systems. This security model has a number of issues, including a lack of internal network visibility and an inability to protect against threats that already operate inside the perimeter, whether insiders or supply chain attacks.
A zero trust security model is designed to overcome the limitations of perimeter-based security. Under this model, access and permissions are granted on a case-by-case basis driven by role-based access controls.
This makes it more difficult for a potential threat to gain access to an organization’s systems and to expand their access throughout the organization’s network. Even if an account has been compromised by an attacker or is used by an insider threat, their ability to cause damage to the organization is constrained by the permissions assigned to that account.
Neutralizing Supply Chain Vulnerabilities via Zero Trust
A zero trust security architecture limits access within an organization’s environment. This can help address supply chain vulnerabilities – such as the ones that enabled the SolarWinds and Accellion security incidents – in a few different ways:
- Securing the Provider: Supply chain attacks take advantage of security issues at the third-party provider. If the provider has implemented zero-trust security, the probability that an attacker can gain access to and move laterally through their network – as in the case of the SolarWinds incident – is greatly reduced.
- Limiting Vendor Permissions: While the SolarWinds and Accellion attackers did not leverage third-party vendors’ access to their customers’ networks, other supply chain attacks (like the Target hack) have. Implementing zero trust and limiting third-party users’ access and permissions on an organization’s network and systems helps to minimize cybersecurity risk and protect against supply chain attacks.
- Monitoring External Software: Third-party software – like SolarWinds’ Orion and Accellion’s file transfer app – is a commonly overlooked source of third-party risk. A zero-trust security model should define and enforce access controls for applications as well as users, limiting the impact if that software is compromised by an attacker.
- Preventing Lateral Movement: With the exception of the Accellion hack, supply chain attackers’ initial attack vector is rarely their final objective. Implementing zero trust can help to prevent an attacker from moving laterally through the network after gaining initial access.
The goal of zero trust is compartmentalization of risk. While a zero trust architecture can’t block the use of legitimate access and permissions, limiting an account’s capabilities to what its business role requires helps to minimize the risk to the organization.
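The contrast between perimeter trust and per-request, role-scoped authorization described above can be made concrete with a small policy evaluator. The following is an added example written for this article, not code from any product or vendor mentioned here; every principal, role and resource name (such as the “netmon-agent” service standing in for a third-party monitoring application) is constructed for illustration. It models a monitoring application as a principal in its own right, evaluates each request against a default-deny role table, and computes the set of resources that principal could reach under each model if its credentials were compromised.

```python
"""Added example: per-request authorization under a perimeter model versus a
zero trust (default-deny, role-based) model, and the resulting blast radius of
a compromised principal. All names below are constructed for illustration."""
from dataclasses import dataclass
from typing import Callable, Literal


@dataclass(frozen=True)
class Principal:
    """A user or an application; under zero trust, software gets its own identity and roles."""
    name: str
    kind: Literal["user", "service"]
    roles: frozenset[str]


@dataclass(frozen=True)
class Request:
    principal: Principal
    resource: str
    action: str
    inside_perimeter: bool  # the only signal the legacy model consults


# Role -> set of (resource, action) pairs, scoped to business need (constructed sample policy).
ROLE_PERMISSIONS: dict[str, frozenset[tuple[str, str]]] = {
    "network-monitor": frozenset({("snmp:core-switches", "read"),
                                  ("netflow:collector", "write")}),
    "hr-analyst": frozenset({("share:hr-records", "read")}),
    "build-admin": frozenset({("server:update-builder", "deploy")}),
}


def perimeter_authorize(req: Request) -> bool:
    """Legacy model: anything already inside the perimeter is trusted for everything."""
    return req.inside_perimeter


def zero_trust_authorize(req: Request) -> bool:
    """Default deny: allow only if one of the principal's roles grants exactly this (resource, action).
    Network location is deliberately ignored; being 'inside' earns nothing."""
    for role in req.principal.roles:
        if (req.resource, req.action) in ROLE_PERMISSIONS.get(role, frozenset()):
            return True
    return False


def blast_radius(principal: Principal, model: Callable[[Request], bool]) -> set[str]:
    """Every resource the principal could touch under `model` if its credentials were
    stolen and used from inside the network (the supply chain scenario)."""
    resources = {r for perms in ROLE_PERMISSIONS.values() for r, _ in perms}
    actions = {a for perms in ROLE_PERMISSIONS.values() for _, a in perms}
    reachable: set[str] = set()
    for resource in resources:
        for action in actions:
            if model(Request(principal, resource, action, inside_perimeter=True)):
                reachable.add(resource)
    return reachable


def simulate_compromised_monitoring_agent() -> dict[str, list[str]]:
    """Compare what a compromised third-party monitoring service can reach under each model."""
    agent = Principal("netmon-agent", "service", frozenset({"network-monitor"}))
    return {
        "perimeter": sorted(blast_radius(agent, perimeter_authorize)),
        "zero_trust": sorted(blast_radius(agent, zero_trust_authorize)),
    }


if __name__ == "__main__":
    for model_name, reachable in simulate_compromised_monitoring_agent().items():
        print(f"{model_name:10s} -> {reachable}")
```

Under the perimeter model the compromised agent reaches every resource, including the HR share and the update build server; under the zero trust table it reaches only the two monitoring endpoints its role requires. In a real deployment the role table would be backed by an identity provider and policy engine rather than a dictionary, and the `inside_perimeter` flag would be replaced by device posture and authentication signals, but the default-deny evaluation shape is the same.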
Implementing Zero Trust in the Modern Enterprise
Corporate networks are growing increasingly complex. With the increased adoption of cloud computing and remote work, corporate infrastructure is moving offsite, which makes it more difficult to monitor and secure.
When implementing zero trust, it is essential to do so at the WAN level. By using a solution with zero-trust network access (ZTNA) – such as secure access service edge (SASE) – an organization can consistently and scalably implement zero trust across its entire IT infrastructure in a way that is both usable and enforceable.