Adopting a zero-trust approach to combat advanced malware attacks
Malware, and particularly ransomware, seems to be the weapon of choice for cybercriminals and state-sponsored hackers in 2021. An analysis of disclosed ransomware attacks in the first half of 2021 shows the number has doubled, with three major groups responsible for 60% of all attacks.
The marketplace for ransomware has evolved over the past decade. We use the term marketplace specifically because organised groups have effectively created a new proposition – ransomware-as-a-service. Whilst some are individually funded and motivated, many of the recent attacks have been state-sponsored in what amounts to acts of cyber-warfare.
The very public discussions between the US and Russian governments reveal that everyone seems to know what’s going on, but nobody seems to be able to stop it.
An evolving threat landscape
The challenge for cybersecurity professionals is that they have traditionally been playing a game of catch-up when it comes to tackling malware. Many anti-virus and anti-malware solutions are dependent upon detection-based technologies and the prior disclosure of threats. By the very nature of these solutions, the threat needs to exist and be known before it can be detected and remediated. Even if disclosure comes quickly after release, there is a window of opportunity for bad actors to exploit.
Today’s cyber-gangs are a far cry from the quaint stereotype of the talented teen in his basement hacking the corporate giant “because he can”. Cybercrime is big business, with hacking collectives and malware creators better resourced and funded than ever before. The sophistication, variation and sheer volume of attacks mean that traditional prevention technologies are no longer fit for purpose. In order to prevent malicious content from infecting a network, it is necessary to adopt a zero-trust stance.
The best offence is a good defence
If cybersecurity professionals are to shift the balance in favour of the good guys, they need to stop playing catch-up and get ahead of the game. Recently, Senetas became the majority stakeholder in Votiro Secure File Gateway – an anti-malware solution with a difference. Commenting on the investment, CEO Andrew Wilson explained why it was time to broaden the Senetas cybersecurity portfolio.
“With commercial, government and defence customers for our high-assurance encryption solutions in more than 40 countries, this investment just made sense. Our customers take cybersecurity very seriously and are always looking for cutting-edge technologies to augment their cybersecurity stance”.
With the addition of an anti-malware solution to the existing encryption and secure filesharing portfolio, Senetas is able to offer state-of-the-art prevention and protection technologies.
“Today, there is no more serious cybersecurity issue than malware and ransomware attacks. The attacks attributed to cyber-gangs and state-sponsored cyber-criminals are more sophisticated than ever. Being signatureless and zero-day in nature, these attacks are proven to be beyond the capabilities of legacy cyber-attack prevention solutions,” Mr Wilson said. “It’s clear that better technology, specifically developed for such threats, is required.”
Votiro Secure File Gateway is a proactive technology and an example of the zero-trust approach being advocated by cybersecurity professionals. It assumes everything entering an organisation’s file gateways is a threat: it breaks down content to identify and remove any illegitimate code, reconstructs the content and delivers it safely – all without disrupting file functionality or systems performance. Unlike many legacy solutions, Votiro is not detection-based, so its effectiveness is not limited to known threats; it is equally effective against undisclosed, signatureless attacks.
Globally, organisations are being encouraged to review their anti-malware solutions to determine their fitness for purpose. “We have seen significant growth in opportunities among commercial and government customers, especially in the US, who feel their current anti-malware solutions are vulnerable to undisclosed and zero-day attacks,” Mr Wilson added. “There is also a synergy with our high-assurance encryption solutions for network security. They offer network protection from injection of rogue data, through their authentication feature, in addition to providing maximum encryption protection of data moving over networks. Votiro is also an ideal fit with SureDrop, our encrypted file sharing and collaboration platform. SureDrop customers can elect to add enterprise-wide protection from malicious content by integrating the two solutions. The result is a secure environment for collaboration that is protected against malware intrusion.”