10 WAYS A ZERO TRUST ARCHITECTURE PROTECTS AGAINST RANSOMWARE
Ransomware is the biggest threat to digital business.
While ransomware has been around for decades, its prevalence has exploded over the last two years. These attacks used to be perpetrated by individuals; now they’re launched by networked groups of affiliates who buy and sell each other’s specialized skills and toolkits. Attacks were once unfocused and one-dimensional; now they use targeted, multi-layered tactics that are much harder to defend against and that command much higher ransoms. Ransomware is expected to cause $20 billion in damages by the end of 2021.
Arguably, the most impactful trend in modern ransomware is the advent of double-extortion attacks, in which attackers steal data and threaten to publish it in addition to encrypting it. Roughly 50% of ransomware attacks now include attempts to exfiltrate data.
There is one underlying strategy that maximizes an organization’s chances at mitigating the damage a ransomware attack might cause: zero trust.
Zero trust is an approach to security that’s based on the notion that a breach has already occurred. Architectures, access control policies, and monitoring and authentication tactics are put in place to mitigate the amount and severity of the damage an attacker can cause