Cybersecurity: Establishing a Zero-Trust Network in the Maritime Domain
In today's fast-moving digital world, especially in the maritime domain with 50,000 ships sailing the sea at any one time, connectivity to the Internet of Things has created an ever-expanding list of objects that can be hacked.
Cybersecurity experts recently demonstrated how easy it was to break into a ship’s navigational equipment. This comes only a few years after researchers showed that they could fool the GPS of a superyacht into altering course. Most notably, Maersk, one of the largest shipping companies in the world, fell victim to malware at a cost of over $300 million in 2017. As if that wasn't enough, and despite all the protections that were put in place, the company was hit again in 2018. A business subsidiary of Maersk operating in Australia was hit: security analysts at Svitzer Australia discovered that the company's email system had been under the control of hackers for 10 months before the hack was discovered on March 1st of 2018.
The point of all that: you can't trust anybody or anything, especially in light of the COVID-19 pandemic, which has thrust all of us into the remote world and, by default, the digital world of connectivity.
The Zero Trust concept was founded by John Kindervag, a former analyst at Forrester Research. It is built upon the premise that organizations want a more reliable way of preventing leaks of confidential data and lowering the risk of modern cyber-attacks against their network.
Because the majority of businesses use a traditional security architecture that assumes anything contained within their own network can be considered trustworthy, the case for Zero Trust networks is growing exponentially, especially when you consider our increasing remote connectivity, the increasing attack surface, and the fact that security threats can arise internally and with even more penetration intelligence than ever before.
Dr. Chase Cunningham became Kindervag's successor as a Principal Analyst at Forrester in championing a Zero Trust Access approach. "Zero Trust is what's entailed in those two words, meaning trust nothing, don't trust password management, don't trust credentials, don't trust users, and don't trust the network," Cunningham told PCMag at the Zero Trust Summit.
Remote Workers and Increasing COVID-19 Driven Connectivity = Danger!
In a recent NextGov article, “Preventing Remote Workers from Being Sitting Ducks,” it was pointed out that “A common assumption many agencies fall victim to is that IT personnel are inherently trustworthy and give these workers higher-level privileges than they need. However, as the phrase goes, ‘Who is watching the watchers?’
"Employees given too much access are often the source of breaches—and it’s not necessarily intentional. The first defense against insider threats is using role-based access control to only grant privileges that are absolutely needed for each IT employee. For non-IT employees, such control used in conjunction with least privilege access policies could help agencies minimize risk and track who is accessing specific files to prevent inappropriate sharing of data and other malfeasance.”
The other reason a Zero Trust network makes so much sense right now is that hackers are ramping up their activities targeting the distraction of COVID-19, including vendor impersonation and disrupting teleconferences. In a recent Public Service Announcement, the FBI stated: “The COVID-19 pandemic has led to a spike in businesses teleworking to communicate and share information over the internet. With this knowledge, malicious cyber actors are looking for ways to exploit telework software vulnerabilities in order to obtain sensitive information, eavesdrop on conference calls or virtual meetings, or conduct other malicious activities.”
NetFoundry Becomes a STAR Product
After use by the NMLEA with its own online education portal, NetFoundry was chosen as a STAR Product. Here's why.
With an Application Specific Wide Area Network or “AppWAN” Zero Trust network built on the NetFoundry NaaS platform, remote workers, as well as suppliers (a frequent target of cyber hackers), are connected directly and only to the applications they require.
There is no more broad network access for a hacker to exploit once behind your defenses. Instead, your end users are limited to only the applications they require, and their access rights can be quickly and easily changed from the NetFoundry dashboard console. Even better, using the NetFoundry dashboard, triggers can be set to automatically alert on activities and actions that fall outside the typical patterns of each end user, and using a standard API, the alerts can be integrated into SIEM applications and other IT security platforms.
So for our online educational portal (PortTraining), which is used and accessed by ports all around the country, this was a way to protect that data and those federally mandated (MTSA) training records. More importantly, ports and maritime users can feel secure in knowing that, with Zero Trust, no one is getting into their networks through our platform.
The Best Part? A NetFoundry Zero Trust Network can be set up in minutes, as it was done for the Academy!
"To support our global communities and businesses, for at least the next 2 months, NetFoundry is providing all healthcare, medical research, and law enforcement agencies with secure, high performance networking from any Internet connection. Safety is all of our top priority, and so, we have chosen to prioritize these functions. NetFoundry will help provide them the necessary secured connectivity to critical systems, as they need to conduct critical business from perhaps nonstandard locations over the Internet. Whether connecting users from home or public networks to organizational data centers, or cloud-based services, our solutions are ready to provide the required confidentiality, integrity, and availability for critical services and infrastructure, with an ease and speed of deployment that can meet the demands even now, under the current circumstances.
It’s our deep hope, for many organizations who are adjusting to the new circumstances of distributed work, that our platform will provide you with the confidence of knowing that your mission-critical work is secured and capable of the agility necessary to combat an emergency situation such as this, while not giving an inch in the security posture you have established, which is, unfortunately, a target itself."