By Reuven Harrison, CTO & co-founder at Tufin
While the WannaCry ransomware infections now seem to be declining from their peak last month, the chaos following the global attack is far from over. The malware that swept around the world infected more than 300,000 computers in 100 countries, and continues to hit companies such as Honda, shutting down production.
In the UK, NHS hospitals were particularly badly hit – possibly because of a reliance on an older version of Windows – and many are still dealing with the aftermath. Like many computer worms, the WannaCry malicious code replicates and spreads itself among networked computers, causing untold havoc within large organisations that rely on vast computer infrastructure – such as the NHS.
And if that wasn’t enough, whilst recovering from the WannaCry attack, many organisations found themselves in the firing line once again, when the Petyawrap (or NotPetya) infection – so named because it masquerades as the Petya ransomware – was unleashed last month. The malware exploded across the world at the end of June, taking out organisations from banks to electricity grids.
This successive attack is further proof that modern IT infrastructures are incredibly vulnerable. But it doesn’t mean that enterprises are defenceless. Attacks like Petyawrap and WannaCry are only going to increase in frequency and severity unless companies take proactive action that brings order to an otherwise chaotic environment, improving the security of the information systems they maintain in the process.
Luckily, there are solutions that bypass this complexity and transform a “chaotic” enterprise network environment into a more secure and compliant network.
An automated approach to network segmentation is one of the solutions.
Complexity is the reality of today’s enterprise networks. Multiple vendors and platforms, physical networks and hybrid cloud, not to mention network devices and the rules that manage those devices. That’s just half the challenge. Now combine that scenario with the fast pace of change that is required to keep a network operating securely and optimally, with the added potential for human error or misconfigurations, and the level of complexity, and indeed threat, increases even more.
Proper network segmentation divides a network into different security zones, which limits the exposure an attacker would have if the network is breached.
Nevertheless, a dynamic environment that requires ongoing changes to application connectivity carries a high risk of configuration errors. The potential consequence of such errors is sub-optimal segmentation, which means that events can unfold quickly, with an attack such as WannaCry finding its way into your network via just one overlooked open port. This is particularly the case when it comes to poorly managed firewalls.
Applying automation to network segmentation allows security managers to ensure that the network segmentation is maintained throughout all changes without slowing down the business.
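One way to automate that check, as an added example (not Tufin's code and not part of the original article): every rule in a proposed firewall change is compared against a zone-to-zone allow matrix before it is deployed. The zone names, address ranges, policy and sample rules are all constructed for illustration.

```python
import ipaddress

# Constructed security zones (assumption: not from the article).
ZONES = {
    "users": ipaddress.ip_network("10.10.0.0/16"),
    "servers": ipaddress.ip_network("10.20.0.0/16"),
    "db": ipaddress.ip_network("10.30.0.0/16"),
}
# Policy: (source zone, destination zone) -> allowed TCP ports; all else is denied.
ALLOWED = {
    ("users", "servers"): {443},
    ("servers", "db"): {5432},
}

def zones_touched(cidr):
    """Every zone a rule's address range overlaps; broad ranges hit several."""
    net = ipaddress.ip_network(cidr)
    return sorted(name for name, zone in ZONES.items() if zone.overlaps(net))

def violations(rule):
    """Return (src_zone, dst_zone, ports) tuples the policy does not permit."""
    first, last = rule["ports"]
    ports = set(range(first, last + 1))
    found = []
    for src in zones_touched(rule["src"]) or ["unzoned"]:
        for dst in zones_touched(rule["dst"]) or ["unzoned"]:
            if src == dst:
                continue  # intra-zone traffic is outside this policy's scope
            extra = ports - ALLOWED.get((src, dst), set())
            if extra:
                found.append((src, dst, sorted(extra)))
    return found

def review_change(rules):
    """Map each rule name that breaks segmentation to its violations."""
    checked = {r["name"]: violations(r) for r in rules}
    return {name: bad for name, bad in checked.items() if bad}

# Constructed change request: one compliant rule, one stray SMB port (TCP 445),
# and one over-broad source range that lets the user zone reach the database.
CHANGE = [
    {"name": "web", "src": "10.10.0.0/16", "dst": "10.20.1.0/24", "ports": (443, 443)},
    {"name": "fileshare", "src": "10.10.5.0/24", "dst": "10.20.1.0/24", "ports": (445, 445)},
    {"name": "db-access", "src": "10.0.0.0/8", "dst": "10.30.0.0/24", "ports": (5432, 5432)},
]

if __name__ == "__main__":
    for name, bad in review_change(CHANGE).items():
        print("REJECT", name, bad)
```

The third rule is the kind of error a manual review tends to miss: its port is legitimate, but the wide source range silently spans a zone pair the policy never approved.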
So, with IT professionals facing a double whammy of network complexity and increased security threats, our advice is to make sure you plan for chaos and put in place measures that bring order to an otherwise chaotic IT environment.