In 2017, the NHS faced what it described as the biggest cyberattack in its history. Ransomware known as WannaCry, which had already infected thousands of networks around the world, eventually found its way into the UK’s healthcare system.
It impacted at least 80 trusts, about twice as many as previously reported, and prevented healthcare facilities and providers from accessing medical equipment such as MRI scanners and mobile devices. Over 25 percent of the trusts, along with many general practitioners and specialists, had to delay or suspend urgent procedures.
Cases like these are widespread, and they are not isolated incidents. Some experts believe the number will only increase in the coming years. In 2020 alone, about 400 million cyberattacks were detected.
However, most people assume that cybercrimes such as data breaches and ransomware come from external threats. What many seem to forget (or perhaps ignore) is the possibility of an inside job. To shield a business from intrusion on both fronts, many CEOs and IT administrators adopt the zero-trust approach.
What Is Zero Trust?
Zero trust is a model, concept, philosophy, or principle which holds that an organization should never trust anyone by default, including its own people (yes, even management is not exempt). This isn’t surprising, since the majority of these cyberattacks are inside jobs, according to IBM research.
In 2015, for example, outsiders committed only 40% of cybercrimes; the rest were insiders. While 15% were inadvertent actors, nearly 45% of these inside-job attacks were malicious.
The term, coined by John Kindervag of Forrester Research in 2010, holds that no company should trust network traffic by default and that every access to the network should be verified and secured. It also aims to reflect the security needs of the times.
Zero trust seeks to replace the castle-and-moat approach of years past. In that analogy, a firewall, which experts likened to a fortress wall, protected the company’s system, which represented the castle. The problem with this model is that it does not work in the age of cloud computing, and it was also extremely restrictive.
Companies can explore many ways to implement zero trust. These include:
- Implementing multi-factor authentication
- Limiting the access of individuals (e.g., they may not be able to open files or read information belonging to other departments)
- Opting for database tracking, such as MSQL performance monitoring
- Providing conditional access control according to the context of the network request
- Strengthening policies, like bring your own device (BYOD)
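As an added illustration (not code from the article), here is a hypothetical policy decision function in Python that combines several of the measures above: it denies by default, requires MFA, keeps access within the user's own department, and makes the decision depend on the request context (device enrolment under the BYOD policy and the source network). The field names, network labels and reason tags are assumptions.

```python
"""Hypothetical zero-trust policy decision point (added example, not from the article).
Every request is denied unless all checks pass; the field names are assumptions."""
from __future__ import annotations
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessRequest:
    user: str
    user_department: str      # department the requester belongs to
    resource_department: str  # department that owns the requested data
    action: str               # "read" or "write"
    mfa_verified: bool        # multi-factor authentication completed this session
    device_managed: bool      # device enrolled under the BYOD/MDM policy
    source_network: str       # constructed labels: "corp", "vpn" or "internet"

def _check_mfa(r: AccessRequest) -> str | None:
    return None if r.mfa_verified else "mfa-required"

def _check_department(r: AccessRequest) -> str | None:
    # Least privilege: a user only reaches data owned by their own department.
    return None if r.user_department == r.resource_department else "cross-department"

def _check_device(r: AccessRequest) -> str | None:
    # Context-aware rule: an unmanaged (BYOD) device may read from the corporate
    # network or VPN, but may never write and may not read from the open internet.
    if r.device_managed:
        return None
    if r.action == "write":
        return "write-from-unmanaged-device"
    if r.source_network == "internet":
        return "unmanaged-device-off-network"
    return None

CHECKS = (_check_mfa, _check_department, _check_device)

def evaluate(req: AccessRequest) -> tuple[bool, list[str]]:
    """Return (allowed, reasons). Every failed check is reported so the audit
    trail shows the full context of a denial, not just the first failure."""
    reasons = [reason for check in CHECKS if (reason := check(req)) is not None]
    return (not reasons, reasons)

def audit_line(req: AccessRequest) -> str:
    """One log line per decision: the raw material for continuous monitoring."""
    allowed, reasons = evaluate(req)
    return (f"user={req.user} action={req.action} dept={req.resource_department} "
            f"decision={'allow' if allowed else 'deny'} reasons={','.join(reasons) or '-'}")
```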
Pros and Cons of Zero Trust
What makes zero trust so beneficial that even Google and Microsoft are already implementing it? One of its biggest applications is in controlling or eliminating the vulnerabilities of the 5G network.
A 5G connection promises hyper speed, low latency, and immense connectivity capacity; when it comes to tech, the sky seems to be the limit. It can help build smart cities and run self-driving cars, and it can encourage the growth of the Internet of Things (IoT).
However, experts have also identified at least ten vulnerabilities. For example, cybercriminals can hijack emergency alerts, which are often delivered via texts or incoming calls. The 5G network also means more users, devices, networks, equipment, and systems connected at once.
With zero trust:
- Cybercriminals are less likely to penetrate every level of a system or network, which helps reduce the risk of a massive data breach.
- It may prevent both external and internal users from accessing just any point of the network, which would otherwise open an opportunity for malicious actors.
- Because zero trust advocates for constant monitoring, IT administrators are more likely to catch a breach before it gets worse.
- Companies can also perform analytics and spot patterns that may indicate an attack is about to happen.
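To show the constant-monitoring and pattern-spotting points in practice, here is an added Python example (not from the article) that scans constructed audit-log lines from a zero-trust policy engine and flags any user who was denied cross-department access to several different departments within a short window. The log format, field names, window and threshold are assumptions.

```python
"""Hypothetical monitoring pass over zero-trust audit logs (added example, not from
the article). The log format, field names and thresholds below are assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in the assumed format:
# "<ISO timestamp> user=<name> action=<read|write> dept=<dept> decision=<allow|deny> reasons=<a,b|->"
SAMPLE_LOG = """\
2024-03-01T09:00:05Z user=alice action=read dept=finance decision=allow reasons=-
2024-03-01T09:01:10Z user=bob action=read dept=finance decision=deny reasons=cross-department
2024-03-01T09:02:40Z user=bob action=read dept=hr decision=deny reasons=cross-department
2024-03-01T09:04:15Z user=bob action=write dept=legal decision=deny reasons=cross-department,write-from-unmanaged-device
2024-03-01T09:30:00Z user=carol action=read dept=it decision=deny reasons=mfa-required
2024-03-01T10:15:00Z user=bob action=read dept=sales decision=deny reasons=cross-department
"""

def parse_line(line: str) -> dict:
    """Split one audit line into its fields and parse the timestamp."""
    stamp, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    fields["ts"] = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
    return fields

def find_probing_users(log_text: str, threshold: int = 3,
                       window: timedelta = timedelta(minutes=10)) -> dict:
    """Return {user: departments} for each user whom the cross-department rule
    denied against `threshold` or more distinct departments inside one `window`.
    A single denial is routine; a spread of them within minutes looks like probing."""
    denials = defaultdict(list)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev["decision"] == "deny" and "cross-department" in ev["reasons"].split(","):
            denials[ev["user"]].append((ev["ts"], ev["dept"]))
    flagged = {}
    for user, events in denials.items():
        events.sort()  # sliding window over time-ordered denials
        for i, (start, _) in enumerate(events):
            departments = {dept for ts, dept in events[i:] if ts - start <= window}
            if len(departments) >= threshold:
                flagged[user] = departments
                break
    return flagged
```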
Zero trust, though, doesn’t come without challenges or disadvantages. Some think the approach is still too restrictive. It may even curb innovation or reduce productivity and efficiency, as employees may not be able to access or use the information they need immediately. Instead, they would have to go through many steps and deal with many people and departments.
Further, this model may become more difficult to implement as more players, networks, and equipment or devices become part of the system.
The cost of cyberattacks is staggering. According to the World Economic Forum (WEF), a single malware attack cost the industry over $2.5 million in 2018. Within the same period, a ransomware attack cost at least $500,000.
Cybercrimes don’t spare small businesses, which stand to lose $200,000 a year from a data breach. Some cannot recover: at least 40% eventually shut down after an attack.
Zero trust sounds like the holy grail the world needs to pull the plug on cybercrime. In reality, though, it is not a be-all, end-all solution. Stopping these attacks requires action on many fronts. The model also needs to evolve to reflect the changes in connectivity and network-security needs.