Blog

WestRock Ransomware Underscores the Need for Zero-Trust in OT

By February 10, 2021 No Comments
WestRock

Image source: scw-mag.com

Last month, $17B packaging company WestRock experienced a ransomware attack, impacting their IT and OT networks – an example of ransomware penetrating through to connected OT environments. While the specific details have not been disclosed, the company released a statement sharing that, “Systems recovery efforts are in process and being implemented as quickly as possible, and teams are working to maintain the company’s business operations and to minimize the impact on its customers and teammates.” 

In addition to financial loss caused by operational disruption, organizations may inadvertently put their own customers and partners at risk of collateral damage when hit by ransomware. But still, today’s cybersecurity techniques remain far too reactionary – detecting compromises once they happen – and it is crucial that businesses employ preventative measures that stop attacks before they have a chance to impact operations. 

Even before the onset of the pandemic, ransomware proved to be a growing problem for cybersecurity executives. But now, with increased demand for remote access capabilities necessitated by COVID-19, ransomware incidents have surged. For instance, Remote Desktop Protocol (RDP) attacks have become more commonplace, breaching organizations’ IT and OT networks. 

In many OT settings, operators use RDP to log into Windows remotely. It connects to Windows’s Remote Desktop Services, which give employees access to their Windows computers from anywhere. But unfortunately, the protocol has a history of exploited vulnerabilities, and is often used in ransomware attacks to breach networks with wormlike penetration. However, by implementing a zero-trust cybersecurity approach, organizations can eliminate single points of entry, protecting their IT and OT networks from compromise. 

With Xage, vulnerable protocols (such as RDP) are never exposed to outside entities, which are terminated inside the Fabric. Instead, Xage provides an interactive remote session for users through a secure browser that’s zero-trust protected. With zero-trust, Xage’s access management solution uses identity as the perimeter rather than automatically assuming trust for any entity that can gain network-segment access. It sets a standard that no trust should be assumed for machines, apps, or users until their identity is authenticated and their access authorized per the security policy. Xage’s zero-trust approach uses identities and credentials to create a secure environment, and allows admins to even customize authorization to permit only a limited set of interactions for only the required duration – preventing broader network access that enables ransomware to infect servers. With zero-trust, single points of entry are closed, preventing any single breach from overflowing into its surroundings.

“As remote access becomes a standard in the industrial space, it’s critical that executives adopt a zero-trust approach to eliminate single points of hack,” said CEO Duncan Greatwood. “With Xage, our security Fabric authenticates and authorizes each interaction, and contains needed communication across security layers by using secure tunnels and protocol termination, preventing the widespread impact of network breaches witnessed in recent attacks.”

To learn more about Xage’s Zero-Trust Remote Access and Data Transfer solution, download our whitepaper.

For more on Xage’s full cybersecurity suite, visit https://xage.com/solutions/.  

White Paper

Download
the whitepaper

The current model of enterprise security is incapable of protecting Industry 4.0 with its intermittently connected, heterogeneous devices and applications, distributed across organizations and geographies. Today’s centralized IT security paradigm needs to be replaced by cybersecurity that is distributed, flexible and adaptive.