Feds Tackle Growing Ransomware Risks With Zero Trust

The commander of the U.S. Cyber Command and director of the National Security Agency (NSA), Gen. Paul Nakasone, declared ransomware a national security threat in 2021 following compromises to critical infrastructure and key resources. The SolarWinds and Colonial Pipeline attacks, along with virtual network expansions, have forced organizations to build a stronger cybersecurity infrastructure to better detect security risks.
Recent progress in zero trust and privileged access management (PAM) solutions is helping combat these evolving ransomware threats, especially amid what’s called ransomware-as-a-service (RaaS), a subscription-based model that enables affiliates to use already-developed ransomware tools to execute their attacks. With these types of models, bad actors and adversaries do not have to be well versed in ransomware in order to use the tools for attacks.
This contributes to as much as a 200% rise in ransomware attacks in the past two years in the U.S., according to a 2021 report from Delinea.
The shift from “vertically oriented” threat actors, who make and then attack organizations using their own bespoke ransomware, to the RaaS model, where one group builds the ransomware and then leases its use out to specialists, has changed the threat landscape and increased the scale and number of attacks.
In 2022 and beyond, the RaaS business model will continue to dominate the threat landscape for ransomware attacks, according to another report from Sophos. This model enables ransomware developers to continue to improve the attack vector and increase attack intensity, without slowing attacks.
“We’ve already seen these RaaS threat actors innovate new ways to break into progressively more well-defended networks, and we expect to see them continue to push in this direction in the year to come,” the Sophos report said.
As cyber threats become more prevalent and sophisticated, the Biden administration is directing agencies to improve defenses to prevent, disrupt or mitigate attacks. The White House Executive Order on Improving the Nation’s Cybersecurity takes a holistic approach to securing networks, requiring agencies to shift toward zero trust architectures and adopt advanced security solutions.
PAM solutions are key here. By enforcing “least privilege” principles, organizations can prevent credential harvesting and lateral movement, reducing attacker dwell time and making it more difficult to use ransomware tools. Plus, PAM policies enable security teams to identify the attack entry point, understand what’s happened, help remediate and ultimately protect restored data — the end goal of any zero trust approach.
“Least privilege is one of the many essential components of zero trust,” DLT Chief Cyber Security Technologist Don Maclean said during a GovFocus earlier this year. “All human systems and users only have the privilege they need to do their jobs. I’ve been involved in least privilege exercises, and what you find is, often, with the hurry to get things done, excessive privileges are given and you don’t want to sit there and parse out what they don’t need. Once people have privilege, they feel privileged and important. Rescinding those privileges becomes an exercise in human management and knowing what they actually need to do their jobs. That’s just one example of the types of cultural things that will be difficult in implementing a zero trust program.”
The NSA recently released guidance for embracing a zero trust approach, noting these “principles can better position [cybersecurity professionals] to secure sensitive data, systems, and services.”
NSA’s 2021 Cybersecurity Year in Review outlined how NSA worked to prevent and eradicate threats to critical systems over the past year. One of the agency’s top highlights was working with partners, through its Cybersecurity Collaboration Center, to respond to national-level threats, like SolarWinds and multiple ransomware attacks on U.S. critical infrastructure.
“While many of our mission successes must remain classified, I’m proud that we can showcase how NSA Cybersecurity helps contribute to securing the nation in this report,” said Rob Joyce, NSA’s cybersecurity director, according to a press release. “The successes really show the value NSA cybersecurity delivers through its foreign threat intelligence insights, partnerships and expertise.”
NSA worked collaboratively to analyze cyber threats and share insights through its foreign signals intelligence about the cyber criminals profiting from ransomware and their infrastructure. The agency alongside U.S. Cyber Command and other government and industry organizations pursued the actors, capabilities and finances driving global threats.
“Throughout the effort, NSA ensured that its threat intelligence was disseminated at the lowest possible classification level, so that it generated outcomes,” the report said.