Network Segmentation is the act of dividing one network into several pieces or sub-networks. In just the last few months, several worldwide hacks of various networks and corporations have taken place and have crippled many systems. These are just the latest in a series of events that highlight weaknesses in our so-called secure networks.
Network Segmentation is a tactic that provides one more layer of security – and as we well know, security is best achieved by implementing it in layers. We at 24By7Security are very familiar with it as part of our Defense in Depth 2.0 model.
Benefits of network segmentation
Network Segmentation could have reduced or even prevented major hacks. One example of this is the 2013 Target breach. Hackers gained access using the information of a third party HVAC vendor. It was through the network the HVAC was located in, that hackers were able to breach and gain access to sensitive data like customer names, addresses and more.
Network Segmentation could have also greatly minimized the damage of the worldwide ransomware attack WannaCry. WannaCry is a type of ransomware that exploits a flaw in Windows computer’s SMB (Server Message Block) protocol. This attack crippled several countries and many different systems. Banks, hospitals, universities, transit systems and parts of government were hit and went into a state of disrepair. This attack was so widespread for many reasons, but one of the bigger reasons was that it was also a worm. While it took over and encrypted files on one computer, it looked for more vulnerable devices on the same network and kept spreading accordingly. The damage could have been contained if those networks had been segmented.
The last example that this blog will mention is Petya. Petya is the most recent attack that has affected systems and networks all over Europe but has mostly been centered on Ukraine. Some of these systems include the central bank, the airport, the metro, an electrical supplier and the state telecom. Just like WannaCry, Petya has had no trouble spreading and infecting other computers on the same network. Again, network segmentation could have limited the extent of damage caused.
Creating a network segmentation strategy
Segmenting networks is not typically an easy task and requires significant investment of time, resources and money. An organization must have a comprehensive network segmentation strategy.
Following the ages-old policy of “Divide and Conquer” may now be taking a new twist with corporations implementing network segmentation to divide and conquer against ransomworms and other types of cyber attacks.