How to Defend Against Ransomware with LAN ZeroTrust

The first recorded ransomware attack occurred in 1989. An AIDS researcher named Joseph Popp mailed floppy disks around the world to attendees of the World Health Organization's AIDS conference. A few days after the floppy disk was inserted, the malware it installed locked the computer and demanded a $189 payment to a PO box in Panama.

Unfortunately, ransomware has become increasingly sophisticated and devastating since then. It dominates news headlines. It's expected to cost victims over $265 billion by 2031, with a new attack taking place every 2 seconds. In June 2021, President Biden and other G7 leaders agreed to a set of concrete actions around key priorities responding to the ransomware threat. Ransomware-as-a-Service, which is industrializing ransomware through a subscription-based model using already-developed tools, has proliferated. Now, even the least tech-savvy criminals can purchase and deliver highly effective and targeted attacks against every business.

The ransomware crisis isn't only affecting governments and enterprises. Given the significant investments that governments and enterprises have made to improve their security programs, threat actors are shifting their focus to easier targets. With limited time, budgets, and resources, many small and medium-sized (SMBs) grapple with how to effectively deal with the significant business risks ransomware—and other security threats—present to their business.

This is a problem that businesses cannot afford to ignore. 60% of SMBs that experience a cyber incident are out of business within 6 months. Ransomware is designed to encrypt all your data and prevent access to systems, making it nearly impossible for businesses to function given their reliance on technology to operate. The opportunity costs, system downtime, brand damage, loss of trust, incident response costs, and so much more add up very quickly.

But it's not all doom and gloom. There are networking and security strategies that are highly effective against ransomware. One such best practice is highlighted in the recent White House Executive Order on Improving the Nation's Cybersecurity: Zero Trust Architecture. Zero Trust, as defined by Forrester, has four basic principles:

  • Assume every network is hostile
  • Create an invisible network to operate in
  • Segment and isolate users and applications
  • Deemphasize the physical network and perimeter, implement security everywhere

These principles are what our revolutionary networking and security platform was built on. With it, we can provide advanced prevention and response against ransomware attacks using a unique technology called Local Area Network (LAN) ZeroTrust.

To understand how it works, it's important to understand how networks typically function. Most networks assume devices connected to an internal network behind a firewall are safe and allow traffic to freely flow. Ransomware banks on this assumption. Threat actors aim to infect one device, and then spread laterally across the entire LAN to lockdown and encrypt everything.

LAN ZeroTrust overcomes this with granular segmentation and a deny-by-default design. This means that devices can no longer freely communicate with other devices on the LAN without explicit exceptions, for example, a specific device to a printer. It also allows us to add a layer of protection for sensitive applications and services by requiring users to authenticate to access them. Once they do, they can only access that specific asset and nothing else. Devices also cannot see each other, which means employees working from home, co-working spaces, hotels, coffee shops, and everywhere else are invisible on that network.

These capabilities make it far more difficult for a device infected with ransomware or controlled by a threat actor to spread to other devices on the network. Other devices will be able to safely function and access applications without any interruption. With our LAN ZeroTrust capabilities, businesses can regain their confidence knowing that they'll be Always Connected. Always Protected.™

Contact us today to see how we can help defend you from ransomware and other threats with our all-in-one networking and security platform.

Subscribe to Lewis IT Bin

Sign up now to get access to the library of members-only issues.
Jamie Larson
DigitalOcean Referral Badge