Ransomware is alive and well in the enterprise space! Recent events in the medical community represent the new face of cyber security by today’s opportunistic digital criminals. Given the way that hospital employees were locked out of internal systems such as, email, it's clear this attack started from inside the network – most likely through malware.
Until now most ransomware demands were linked to DDoS attacks – but this marks a turning point – and the use of nearly untraceable currency for payment – Bitcoin being the novel twist. On the eve of the RSA conference, as we are, much speculation will ensue, but I am willing to bet that it was an event that may have been prevented using NAC and an adaptive exchange with internal security solutions, like firewalls and SIEM solutions.
At some point, a device did something that its user should not have access to. When we limit Role-based access control to people and not devices we are leaving ourselves open to this exact type of attack. The failure to make device context part of an access control policy is the number one reason that our employee’s can hurt us – albeit unknowingly.
More details will surely follow, but sadly risk posture is based on what the situation is, not what we think the situation is.
While Network Access Control may not help in all scenarios, Aruba’s ClearPass and ClearPass Exchange integrate with your existing infrastructure to define and control what enterprise data can be accessed by whom and but devices. When working together with other security components you have a you establish a holistic approach to an end to end security – devices, your access layer, traffic inspection and enforcement.
In this modern world, its imperative your infrastructure elements work with and communicate effectively with one another. It’s not exciting, it’s not sexy but it is essential. IT Security remains one of the few professions where a quiet day is a good day.
Your thoughts are welcomed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.