The recent supply chain attack on the software build system of US firm SolarWinds’s Orion infrastructure performance monitoring platform makes it painstakingly clear how important it is for remote workers to have the right security tools at hand.
And although there are many benefits to a Work from Home (WFH) environment, this phenomenon has created new opportunities for cyber attackers to target remote workers who don’t have the benefit of corporate firewalls and other defences to keep them safe. This has significantly raised the security stakes when accessing the corporate network from home.
In the case of the SolarWinds breach, hackers managed to access a system used by the company to build updates for the Orion platform, inserting malicious code into an otherwise legitimate software update. Once deployed, government agencies and other organisations automatically downloaded and installed the infected software.
While this attack is known to have mostly targeted high-value US federal agencies and about 100 private firms, it’s mistaken to think it only targeted the US. This was a global cyberattack that has long-term implications for Australian organisations in the legal, finance, healthcare and government sectors.
The Australian Cyber Security Centre (ACSC) noted in January that multiple Australian organisations were using Orion, meaning they were exposed to the Sunburst backdoor within the software, even if none of these organisations reported instances of further compromise.
State-backed attackers are not the only threat. Slovak antivirus vendor, ESET, recently reported it had seen a whopping 768 per cent growth in attacks on Microsoft’s remote desktop protocol (RDP) for Windows from the beginning of 2020 to the year’s end. RDP, a key tool for remote working, has been widely exploited to spread ransomware.
It’s no longer about a network of PCs behind a firewall, but laptops, Android phones and iPhones out in the wild that are being used to access critical business information. Tools like legacy VPNs just aren’t good enough any longer – once an employee’s credentials have been stolen, bad actors can move laterally throughout the network with very little effort.
At NetMotion, our SDP, VPN and Experience monitoring technologies are improving lives of remote workers everywhere, and trusted by more than one million workers in over 3,000 organisations to stay secure, protected and connected. NetMotion’s newly launched cloud platform is built on Microsoft Azure to take advantage of NetMotion’s zero trust network access (ZTNA) technology, enterprise VPN and experience monitoring capabilities.
Our approach to cloud, zero trust and secure remote access ticks a lot of the boxes within the SASE (Secure Access Service Edge) framework, too. SASE was originally coined by Gartner in 2019 and is now considered the new frontier in cybersecurity. It is not a product category or technology, like the software defined perimeter (SDP) or VPN, but a broader cloud-based framework for managing endpoint devices in a world where networks are borderless. At its core, SASE represents a set of network and security technologies designed to protect the user at the ‘edge.’ This principle is even more prevalent in a world where cloud adoption is at record levels and remote working has been thrust into this new degree by the COVID-19 pandemic.
Taking a step back, a recent NetMotion survey conducted in Australia, the UK, Germany, Japan and the US, found that many organisations still lack a true understanding of SASE. However, Australian IT leaders proved to be comparatively ahead of the pack when it comes to SASE, with 78 per cent being able to confidently explain the principles of the framework; well above most other markets, including the US, where only 67 per cent of IT professionals could do so. Likewise, 86 per cent of Australian IT professionals are or have already adopted a zero-trust posture, which is above the average of 77 per cent for other markets. Australian IT leaders employ more WAN optimisation networking solutions than any other market, which could be chalked up to the bandwidth availability issues faced by many Australian organisations. The survey also revealed that over half of respondents were using a VPN. VPNs have been particularly popular with law firms and financial service organisations during the pandemic (56 per cent and 49 per cent, respectively), while 56 per cent of private-sector organisations reported having utilised VPNs for their employees. In the public sector only 29 per cent of business leaders reported VPN adoption, and instead prioritised cloud secure web gateways (SWG) (37 per cent) and firewall-as-a-service (42 per cent).
The News Highlights
- Services says-“Our Remote workforce needs to more secure than ever before”
- Check the latest update on Security news
For Latest News Follow us on Google News
- Show all
- Trending News
- Popular By week