Fight Ransomware with Zero Trust
NetFoundry’s Zero Trust 2.0 solution uniquely closes all inbound firewall ports, helping prevent attacks such as the Kaseya VSA attack from reaching CVEs in your network
Zero Trust can thwart malware attacks including ransomware
Completely defeating ransomware is almost impossible. However, we can minimize our attack surface and limit the blast radius. NetFoundry uniquely enables you to close all inbound firewall ports (minimize attack surface) and easily implement app level microsegmentation and least privileged access (limit the blast radius). This architecture would have prevented the Kaseya ransomware attack from hitting the Kaseya VSA servers to begin with.
NetFoundry's open source based platform and Zero Trust SaaS provides businesses, SaaS, ISVs, MSPs, and solution providers with the 4 key modules needed to protect against ransomware and other forms of malware.
You can get started now and try for free, or you can dive into a whitepaper describing the architecture, customer case studies, and use cases.
Secure, app-embedded identity. NetFoundry SDKs enable you to embed secure identity in your apps, using X.509 based identities, rather than relying on IP addresses or other weak identity proxies. With full ZTNA, if ransomware tries to "phone home" or spread, it is denied because it doesn't have the required secure embedded identity.
You don't need to build or manage PKI type infrastructure - NetFoundry provides it as a service.
Authenticate before connect. In a complete ZTNA architecture, the wide open WAN is shut down. There is no data plane connectivity without secure identification and authentication. Since ransomware is not securely identified and authenticated, ZTNA blocks it from "phoning home" to expand its capabilities, nor can it "explore" your WAN to locate additional machines to infect.
Your policies control authentication, and you control it from the cloud via policies, APIs and web console. You don't need to build or manage it - authentication is provided as a service by NetFoundry.
3. Least Privileged Access
Least privileged access and microsegmentation. The NetFoundry platform provides you with application level microsegmentation. Let's say you are an ISV, SaaS provider or MSP. Rather than your customers (businesses) needing to give you a wide range of network access, via insecure VPNs and firewalls, two of ransomware's favorite targets. ISVs, MSPs, and SaaS providers can natively embed NetFoundry ZTNA into applications to block malware and ransomware attacks, so you cannot become a ransomware conduit like Kesaya.
4. Secure Fabric
Zero Trust Network Fabric. NetFoundry Fabric Routers secure all app sessions and close all inbound ports so malware has no access point to exploit. Routers are managed by NetFoundry as-a-service and controlled by your policies via web console or API. The NetFoundry Fabric is the world's largest on-demand software defined network (SDN), and your app securely accesses it from any Internet connection once authenticated and authorized.
Firewalls, SD-WANs and VPNs are some of the most frequent targets of ransomware hacks, malware and other cyber-attacks. The NetFoundry Fabric is critical because it means you no longer need firewalls, SD-WAN controllers and VPNs to be open to the Internet.
How could NetFoundry’s Zero Trust Network Access have prevented the Kaseya ransomware attack?
The Kaseya attack was significant in that the attackers not only breached Kaseya but also infiltrated a large number of organizations connected into the Kaseya software supply chain - approximately 1,500 businesses. Ransomware hackers found a vulnerability in the Kaseya VSA software and exploited it to gain access to the MSP’s and then access to the MSP’s customer’s networks.
Propagation of the Kaseya ransomware could have been blocked with a NetFoundry ZTNA architecture with any of these scenarios:
Kaseya Implements NetFoundry ZTNA
ISVs and SaaS providers like Kaseya can embed zero trust in their software via the NetFoundry SDKs to natively add zero trust inside their application. The Kaseya servers no longer need to be opened to the Internet and will no longer be sitting duck targets for ransomware or other cyber-attacks.
Kaseya MSPs Implement NetFoundry ZTNA
Kaseya’s MSPs can integrate zero trust into their agent software by using NetFoundry SDKs, or by deploying NetFoundry in containers or virtual machines alongside the Kaseya software if the MSP doesn’t deploy software on the customer premises. Either way, the MSP can assure its customers that the MSP has used zero trust to shield it’s systems from ransomware and other cyber-attacks.
Businesses Implement NetFoundry ZTNA
Businesses can require their ISVs, SaaS providers and MSPs to embed zero trust. Or, the business can partner with NetFoundry to deploy zero trust in containers or virtual machines alongside their vendor’s software. NetFoundry provides zero trust as-a-service, and the business has the flexibility to use NetFoundry ZTNA for specific user groups, applications, solutions, or clouds.
With NetFoundry, business can be up and running with ZTNA in hours or days instead of months as required by traditional solutions.
The Kaseya ransomware attack vector would have been thwarted if Kaseya, the Kaseya MSPs or the downstream businesses implemented a zero trust architecture.
Security Foundations Papers
Security Foundations – How Bad Actors Identify and Research Ransomware Targets
Modern businesses no longer just use software – modern businesses are software. All software depends on data. If ransomware finds and encrypts enough critical data, then a business may not be able to operate until it can decrypt and restore its data. This is why ransomware is more dangerous and costly than ever and explains in part the surge in ransomware attacks we are seeing today. Ransomware is now big business!
How do ransomware actors get started – identify targets and research potential areas to attack? In the three part series of papers below, we explore these topics and outline how implementing a true zero trust architecture can greatly mitigate the expansion and multiplication of ransomware across a network. This is critical because ransomware cannot generally ‘break’ a business unless it has captured enough highly valuable business data so that it is in the business’s best interest to pay a ransom.
Security Paper 1: How do Ransomware bad actors find victims?
It is obvious from the news these days that the world is faced with a ransomware epidemic. This is the first of three papers in which we illustrate how ransomware actors seek out potential targets and it is surprisingly simple!READ NOW
Security Paper 2: How Ransomware bad actors scope attack vectors
In this paper, part two in our series, we discuss how relatively simple and automated it is for bad actors to source specific details, much of it available from public (free) sources, about your internet facing infrastructure that can potentially be exploited.READ NOW
Security Paper 3: How can you thwart and disrupt Ransomware attack patterns
In this paper, part three in our series, we outline how with zero trust architectures, strategies and the NetFoundry Zero Trust Platform, you can thwart and mitigate ransomware attack scenarios, and protect your information and organization from being compromised with minimal friction to your users.READ NOW
Don't be a ransomware conduit.
SaaS, ISVs, MSPs, and solution providers need to show businesses how you minimize the risk that your solution could be used as a ransomware conduit. Businesses are increasingly requiring their software and solution vendors embed zero trust as a pre-condition for being awarded business and prior to deployment.
NetFoundry uniquely enables MSPs, ISVs, SaaS and solution providers to embed ZTNA in your solution so that your solution is fortified against ransomware and malware threats. The NetFoundry platform will extend simple, reliable, Zero Trust Network Access (ZTNA) anywhere your apps go, in an iterative manner, without depending on businesses to finish their migration to full ZTNA.
Everyone needs ransomware solutions now. By enabling ISVs, SaaS providers and MSPs to easily integrate zero trust, NetFoundry provides an immediate solution to the ransomware explosion now cascading across the globe.
Ziti Open Source + NetFoundry SaaS
NetFoundry SaaS services are built on Ziti, and serve 100s of TBs of data per month with no breaches and 99.95% availability SLAs.