The Week in Breach – Zero Trust is THE game in town – even NIST is in on it






Adopt Zero Trust Security for your Business


Why Zero Trust?

Zero trust is a security concept that adds layers of complexity yet creates a stronger overall security framework. The model’s central principle is just like that motto from the X-Files: trust no one. In a zero trust framework, an organization does not automatically trust or grant blanket permissions to anything inside or outside its perimeters, no matter who the user is, and not even an executive’s password is trusted automatically. Instead, everyone from the CEO to the marketing intern must verify their identity every time they try to connect anything to their organization’s network or systems before access is granted. This extra step is crucial for covering unexpected security gaps.

Many companies have still been using the old castle-and-moat architecture to secure their systems and data, and that’s a fast path to trouble these days. Previously, organizations focused on defending their perimeters while assuming every user and device that already had access didn’t pose a cybercrime threat – automatically clearing those users for access at whatever their set permissions level was with no further confirmation of identity required. This leaves organizations dangerously vulnerable to an array of nasty cyberattacks from credential stuffing to malware if anyone manages to get their hands on a legitimate password.

These days, that’s an incredibly dangerous proposition. An abundance of records on the dark web just keeps growing, adding more passwords and bigger stores of information to the pot that cybercriminals can use to mount credential stuffing attacks and other password-based cyberattacks. Just this year, a massive 100GB text file dubbed RockYou2021 was leaked by an anonymous user on a popular hacker forum. This new cache of data is estimated to contain 8.4 billion passwords, ready to use in cybercrime operations. That’s in addition to the massive quantity already available. Experts estimate that 60% of the data that was already on the dark web at the start of 2020 could harm businesses and approximately 22 billion new records landed in dark web data markets and dumps in 2020, providing further fuel for cybercrime.

The Federal Government is All In on Zero Trust

As public and congressional pressure mounted to do something about a spate of ransomware attacks against major targets, the federal apparatus started spinning up to enter the fray. President Joseph R. Biden signed a new cybersecurity executive order on May 12, 2021, that calls for the federal government to adopt a zero-trust architecture. The executive order directs the Commerce Department to create cybersecurity standards for companies that sell software services to the federal government, a powerful motivator in the marketplace.

The 34-page document contained many instructions to agencies and contractors, but one stands out: the requirement to adopt multifactor authentication. Under this order, agencies are directed to take a zero-trust approach to user identity and permissions, authenticating users based on behavior rather than just a password or their location. The order also advises agencies to use multiple ways to confirm a user’s identity when they log on or connect to federal agency systems. The goal is to enable federal IT personnel to identify and detect threats in today’s challenging atmosphere through user behavior instead of relying on firewalls to keep hackers out.

The Zero Trust Project 

Federal agencies of every stripe have begun implementing cybersecurity projects. The Transportation Security Administration (TSA) under the Department of Homeland Security (DHS) issued a security directive that requires pipeline companies to report cybersecurity incidents to federal authorities quickly. A joint action by the Department of Justice (DOJ) and DHS launched a new one-stop website, StopRansomware.gov, designed to help businesses reduce their ransomware risk and report suspected cybercrime to the appropriate authorities. The US Secret Service has even published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes.

Now the National Institute of Standards and Technology (NIST) is launching a new initiative, dubbed The Zero Trust Project, to explore how zero trust security functions in different business environments. NIST is partnering with 18 technology companies to demonstrate “zero trust” security architectures as it prepares to draft guidance for how zero trust is to be implemented at federal agencies. The initiative is being led by NIST’s National Cybersecurity Center of Excellence.

The companies that will be working with NIST through the National Cybersecurity Center of Excellence to demonstrate the ways that they have implemented zero trust security include: Amazon Web Services, Appgate, Cisco Systems, F5 Networks, FireEye, Forescout Technologies, IBM, McAfee, Microsoft, MobileIron, Okta, Palo Alto Networks, PC Matic, Radiant Logic, SailPoint Technologies, Symantec, Tenable and Zscaler. These companies responded to a notice in the Federal Register to signify their interest.

NIST is operating under pressure, faced with a time crunch created by the directive in President Biden’s executive order that federal agencies develop a plan for zero trust implementation within an aggressive 60-day timeline. The rush is partly spawned by increasing pressure on the federal government to handle nation-state cybercrime threats more aggressively. The agency has said that the 18 companies participating in the zero trust project will provide examples of integrating commercial and open-source products that leverage cybersecurity standards and recommended practices. The goal is for NIST to develop a new publication, the Cybersecurity Practice Guide, that outlines the requirements that federal agencies must meet and that also meshes with the concepts and tenets documented in NIST SP 800-207, Zero Trust Architecture.

How Can You Start on the Road to Zero Trust? 


We can put you on the road to zero trust compliance with powerful, affordable secure tools. The number one thing on the zero trust list is: multifactor authentication. You will also gain a host of other protections that keep intruders away from systems and data.

  • Multifactor Authentication (MFA)
  • Single Sign On (SSO)
  • Secure shared password vaults
  • Automated password resets
  • An amazing value
  • And so much more!

We’re ready to help shepherd you into the zero-trust world. Don’t roll the dice with your security for another day. Contact our solutions experts and let’s get started!

Dark Web ID’s Top Threats This Week


 

Florida Department for Economic Opportunity (DEO)

https://stpetecatalyst.com/zaps/floridas-deo-warns-of-unemployment-data-breach-affecting-nearly-58000/

Exploit: Hacking

Florida Department for Economic Opportunity (DEO): State Government Agency


Risk to Business: 2.550 = Severe

Records from more than 58,000 Florida unemployment accounts have been stolen in a data breach. The information was stolen in a suspected malicious insider incident, although details are sketchy. The stolen information was contained in the DEO’s online unemployment benefit system, called CONNECT, and the records stolen fall between April 27 and July 16, 2021. The incident is still under investigation.


Individual Risk: 1.663 = Severe

Exposed information includes Social Security numbers, bank account information and other personal details that users may have stored in CONNECT. The DEO purchased a year’s subscription to LifeLock identity protection services for all those affected.

Customers Impacted: 58,000

How It Could Affect Your Business: Personal data is the cybercriminal’s bread and butter, especially when financial information is involved because it is quickly saleable in the busy dark web data markets.

IntegraMSP to the Rescue: Building a zero-trust framework is a popular and successful planning choice for a reason. Learn more about how it helps mitigate risks like stolen PII.


Yale New Haven Health

https://www.nbcconnecticut.com/news/local/your-information-may-have-been-compromised-in-yale-new-haven-healths-data-breach/2536460/

Exploit: Third-Party Data Breach

Yale New Haven Health: Medical System


Risk to Business: 1.716 = Severe

Patients at Yale New Haven Health are being warned that their information has been stolen in an incident at a third-party vendor, Elekta. That company facilitates cancer treatments and was the victim of a ransomware attack just a few weeks ago that is rippling out to catch many medical institutions. Yale New Haven Health contends that hackers had no access to patient medical records, and a very small number of customers had financial information stolen.


Risk to Individual: 2.601 = Severe

Officials said that certain demographic information such as names, addresses, phone numbers, emails, Social Security numbers, treatment locations and preferred languages was included in the Elekta databases impacted by the breach. A small group of people may have had their financial information exposed. Anyone with information that could have been exposed will be notified by mail, and people who may have had their financial information exposed will be offered a complimentary credit monitoring service.

Customers Impacted: 55,000

How It Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this company a substantial HIPAA fine.

IntegraMSP to the Rescue: Are you providing security awareness training to all of your employees? If not, let us show you how to get started in only 15 minutes!

Mobile County, Alabama

https://www.wkrg.com/news/mobile-county-commission-notifies-employees-of-data-breach/

Exploit: Hacking

Mobile County, Alabama: Local Government


Risk to Business: 2.223 = Severe

The Mobile County Commission has officially notified county employees of a computer system breach in which employee data and sensitive information were at risk. The county has announced that certain computer systems were subject to unauthorized access on May 24, 2021, putting employee information at risk. This is a developing situation as the investigation winds down. The county had initially stated that no sensitive information was exposed.


Individual Risk: 2.223 = Severe

Mobile County alerted all employees, more than 1,600 people, that their information may have been exposed, including Social Security numbers, dates of birth and other sensitive information. Also at risk are health insurance contract numbers for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county.

Customers Impacted: Unknown

How It Could Affect Your Business: Even a small amount of data is attractive to data thieves who especially love vital information and financial data.

IntegraMSP to the Rescue: Learn more about the factors that make it easy for employees to make mistakes and how you can mitigate them for a better staff.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.