Search
My account
Categories
 Naar overzicht
Prevent zero-day attack? Thé solution for Secure Homeworking.

Prevent zero-day attack? Thé solution for Secure Homeworking.

Prevent zero-day attack? Modernize your VPNs and use MFA. The solution against cybercrime. Read this blog and protect your organization.

That working from home ‘is the new normal’ we saw that coming 20 years ago but we never expected it to become embedded in our society in this way. The government has called for working from home as much as possible. Many employers are heeding this call. But what does that mean for data and network security for the organization? How do employers deal with issues such as ‘Bring Your Own Device’? And do they recognize the need for additional security beyond the regular VPN? There is a clear link between working from home from 2020 and the increase in cyber attacks.

Sensitive and crucial business information is now literally ‘everywhere’ and can easily be exposed to the street in the event of such an attack. So it's important to protect your business against cybercrime. In this blog we take you through the solutions for secure home working and give you some examples of where and why it went wrong recently.

Would you like to participate in our webinar: 'Safe working from home with ZoneZero MFA' fill in your contact details here.

Simple VPN Doesn't Protect Enough Against Zero-day Attacks

The COVID-19 crisis has forced organizations to make their IT infrastructure suitable for ‘remote working’. Working from home is now very common thanks in part to government insistence. However, the security aspect seems to remain an underrated issue. There are a remarkable number of cyber-attacks carried out on weak software components. These are also called ‘Zero-day’ attacks.

Zero-day attacks are a high-risk form of cyber attack, where the hacker looks for vulnerabilities in software. ‘Zero’ in this case means that the software developer ‘0’ days is aware of the vulnerability. This means that hackers can use a zero-day vulnerability for an attack before anyone realized anything is wrong.

A Zero-day attack subsequently becomes a ‘One-day vulnerability’. For this, a security patch is usually developed quickly, but the disadvantage is that it has to be widely disclosed that this patch is there. This disclosure in itself brings risks with it.

What are the risks of a Zero-day attack?

Working from home involves more than employees logging into the corporate network. We handle banking matters, store personal data of customers and perhaps, as an organization, you have to deal with sensitive information such as medical data or financial data. We also communicate with clients and are connected to all kinds of networks and platforms. This brings the necessary risks to the organization. What we see is that hackers are looking for vulnerabilities in systems in order to subsequently gain access to very important and sensitive business information. Especially now that many people work from home. It is important for organizations to have and keep a grip on network usage and communication.

Cybercrime and megahacks, we must learn from them

The cases that unfortunately took place provide insight into how hackers work. They show us that the deployment of ‘secure access’ through Virtual Private Networks (VPN) is no longer up to the task of resisting intruders. VPN is no longer adequate to protect trade secrets.

A good example of where things have gone wrong is Shirbit, the insurance company. Hackers exploited vulnerabilities in Shirbit's Pulse Secure VPN. By doing so, they gained access to the company. All layers in the network could be reached and in this way criminals managed to steal data. Then they threatened to disclose the sensitive data if a ransom was not paid. Certainly not a situation you as an organization or company are waiting for.

Another example is the well-known SolarWinds case, where hackers used a vulnerability in SolarWinds' Orion platform to connect to their command and control servers. After this, they were able to laterally traverse the network, looking for the most crucial data to make the largest possible malicious impact.

Simple solution to a large-scale problem

The best protection against cyber attacks is by using a Zero Trust Network Access (ZTNA). Organizations that implement principles of ZTNA are many times less at risk from intruding hackers. Moreover, your IT organization does not have to constantly look for new patches for all kinds of vulnerabilities in different elements of the IT architecture. With Zero Trust Network Access you bring a modern security layer to your current network infrastructure.

Safe-T's ZoneZero® solution

Safe-T has very ingeniously responded to this trend in cybercrime. They are revolutionizing Zero Trust Network Access with Safe-T ZoneZero (certified by Gartner). A key premise of manufacturer Safe-T is that you need to think ‘as if the hacker is already inside’, where you want to prevent lateral movement at all times. Whether your organization operates with VPN or without VPN, ZTNA enhances your current infrastructure and provides secure access in your organization. For example, it provides continuous user authentication (Multifactor Authentication, MFA), even when other services you use did not support it. Safe-T ZoneZero seamlessly integrates with your organization's existing VPN and firewall infrastructure.

Safe-T adds MFA capabilities to applications, proprietary services, RDP, file shares, SSH, SFTP, VMWare, and more. Built-in MFA or integration with 3rd party software MFA/IdP’s is possible (including SMS, push messaging, biometrics, Telegram, WhatsApp, REST API).

Modernize your current VPN connections

By modernizing your current VPN connections with products from the ZoneZero Perimeter Access Orchestration platform, you guarantee your organization optimal data security. In doing so, you prevent cyber attacks and protect your organization against data leaks.

Safe-T does not use 2FA (Two Factor Authentication), but exclusively MFA (Multi Factor Authentication). In addition, ZoneZero SDP offers the patented ‘Reverse Access technology’. With this you realize a ‘cloak’, which means that you make your network environment ‘invisible’ to unauthorized persons. With the ZoneZero VPN solution you modernize your current VPN clients. You can use your current VPN/SSL connections for this purpose.

ZoneZero MFA ZoneZero SDP ZoneZero VPN

The above three components (ZoneZero MFA, ZoneZero SDP and ZoneZero VPN) are also offered in a package (ZoneZero Perimeter Access Orchestration), but can also be purchased separately to achieve ZTNA within your organization.

A step further

As an additional security, on top of true MFA, you can choose to apply ZoneZero SFA. SFA or ‘Secure File Access’ is especially useful for keeping ransomware out. In addition, with Secure Data Accesss you ensure that outbound port communications are easy and controlled.

Secure File Access (SFA) Secure Data Access (SDA)

Benefits of ZoneZero MFA:

  • Simple solutions to highly dangerous cyber threats
  • Independent on your software package
  • True Multi Factor Authentication 
  • Existing VPN’s continue to exist
  • Centralized approach, no user-side integration

Webinar cybercrime

Want to learn more about Zone-Zero and Zero-Day attacks? About using Safe-T products to protect your organization from hacks? Or would you like to be able to help your customers better protect their organization, for example because a lot of work is done from home within their organization? Then participate in this webinar.

Costs & Delivery

Order your ZoneZero MFA solution directly online. We deliver within 5 days. The ZoneZero MFA solution is suitable for any network.

Product information & Ordering