Zero-trust architecture may hold the answer to cybersecurity insider threats | MIT News
For years, organizations have taken a “castle and moat” approach to cybersecurity, defending the perimeter of their networks to keep malicious actors out. Anyone holding the right credentials was trusted and allowed access to the systems and data on the network without having to re-authorize each access attempt. Today, however, organizations store more and more data in the cloud and let employees connect to the network remotely, and both trends expose weaknesses in this traditional approach. A more secure future may require a “zero trust architecture,” in which users must prove their authenticity every time they access an application or network data.
In May 2021, President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity set a goal for federal agencies to implement zero-trust security. Since then, MIT Lincoln Laboratory has been conducting a study of zero-trust architectures, with the aim of reviewing their implementation in government and industry, identifying gaps and technical opportunities, and developing a set of recommendations for the U.S. approach to zero-trust systems.
The study team’s first step was to define the term “zero trust” and to understand the misconceptions surrounding the concept in the field. Some of these misconceptions hold that a zero-trust architecture requires entirely new equipment to implement, or that it locks systems down so tightly that they cannot be used.
“Part of the reason there’s a lot of confusion about what zero trust is, is because it takes what the world of cybersecurity has known for many years and applies it in a different way,” says Jeffrey Gottschalk, assistant head of Lincoln Laboratory’s Cybersecurity and Information Sciences Division and co-lead of the study. “It’s a paradigm shift in how we think about security, but holistically it takes a lot of things we already know how to do, such as multifactor authentication, encryption, and software-defined networking, and combines them in different ways.”
Presentation: Overview of zero trust architectures
Recent high-profile cybersecurity incidents, such as those involving the National Security Agency, the U.S. Office of Personnel Management, Colonial Pipeline, SolarWinds, and Sony Pictures, highlight the vulnerability of systems and the need for rethinking cybersecurity approaches.
The study team reviewed recent high-impact cybersecurity incidents to identify which security principles were most responsible for the scale and impact of each attack. “We realized that while some of these attacks exploited previously unknown implementation vulnerabilities (also known as ‘zero days’), the vast majority were actually due to the exploitation of security principles,” says Christopher Roeser, co-lead of the study and deputy director of the National Air Traffic Protection and Control Division, “that is, obtaining people’s credentials and then moving laterally within a connected network that lets users gather a significant amount of information or have widespread effects.”
In other words, the malicious actor had “breached the moat” and effectively become a privileged insider.
Zero-trust security principles could protect against this type of insider threat by treating every component, service, and user of a system as continuously exposed and potentially compromised by a malicious actor. A user’s identity is verified each time they request access to a new resource, and each access is mediated, recorded, and analyzed. It is like laying trip wires throughout a network, says Gottschalk. “So when an adversary stumbles over one of those trip wires, you get a signal, and you can validate it and see what’s going on.”
In practice, a zero-trust approach might look like replacing single sign-on, which lets users sign in once to reach multiple applications, with a known and verified cloud-based identity. “Today, many organizations have different ways to authenticate and log in to systems, and many of these have been folded into single sign-on capabilities for convenience, just to make it easier for people to log in to their systems. But we imagine a future zero-trust state where identity verification is enabled by a cloud-based identity that is portable, ubiquitous, and highly secure.”
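To make the contrast between the two models concrete, here is an added example (not code from the article or from Lincoln Laboratory) of a minimal zero-trust policy enforcement point: each request is decided on its own evidence, every decision is logged, and repeated denials act as the “trip wire” signal described above. All users, roles, resources, and policy values are constructed for the illustration.

```python
# Added example: a minimal zero-trust policy enforcement point (PEP).
# Every request is re-evaluated against identity, MFA state, device posture and the
# resource's policy, and every decision is logged. All data below is constructed.
from collections import Counter
from dataclasses import dataclass, field

@dataclass
class Request:
    user: str
    resource: str
    mfa_verified: bool
    device_compliant: bool

# Constructed directory and per-resource policy (hypothetical values).
ROLES = {"alice": {"hr"}, "bob": {"eng"}}
POLICY = {
    "wiki": {"roles": {"hr", "eng"}, "mfa": False, "device": False},
    "hr-records": {"roles": {"hr"}, "mfa": True, "device": True},
    "prod-db": {"roles": {"eng"}, "mfa": True, "device": True},
}

def perimeter_authorize(inside_network: bool) -> bool:
    """Castle-and-moat: anyone already inside the perimeter is trusted."""
    return inside_network

@dataclass
class EnforcementPoint:
    log: list = field(default_factory=list)
    denials: Counter = field(default_factory=Counter)

    def authorize(self, req: Request) -> bool:
        """Zero trust: decide each request on its own evidence and record the outcome."""
        rule = POLICY.get(req.resource)
        reason = None
        if rule is None:
            reason = "unknown resource"
        elif not (ROLES.get(req.user, set()) & rule["roles"]):
            reason = "role not permitted"
        elif rule["mfa"] and not req.mfa_verified:
            reason = "mfa required"
        elif rule["device"] and not req.device_compliant:
            reason = "non-compliant device"
        self.log.append((req.user, req.resource, reason is None, reason))
        if reason is not None:
            self.denials[req.user] += 1
        return reason is None

    def tripped(self, threshold: int = 2) -> set:
        """Trip-wire analysis: users whose denied accesses reach the threshold."""
        return {u for u, n in self.denials.items() if n >= threshold}
```

A stolen credential that is inside the network passes `perimeter_authorize` unconditionally, whereas the enforcement point denies it on the first resource whose MFA or device requirement it cannot satisfy and surfaces the user in `tripped()`.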
While conducting the study, the team spoke with roughly 10 companies and government organizations that have adopted zero-trust implementations, whether through cloud services, in-house management, or a combination of both. They found the hybrid approach to be a good model for government organizations. They also found that implementation can take three to five years. “We talked to organizations that have actually done zero-trust implementations, and they all indicated that it took significant organizational commitment and change to be able to implement them,” says Gottschalk.
But one of the study’s key findings is that there is no one-size-fits-all approach to zero trust. “That’s why we think having a testbed and pilot efforts will be very important to balance zero-trust security with the mission needs of these systems,” says Gottschalk. The team also recognizes the importance of continuing research and development beyond the initial zero-trust implementations, to keep addressing evolving threats.
The Lincoln Laboratory will present more results from the study at its next conference on cyber technology for national security, to be held June 28-29. The conference will also offer a short course for attendees to learn more about the benefits and implementations of zero trust architectures.