CDSA

Palo Alto Networks: Ongoing Cyber Threat Landscape Requires Zero-Trust Security

The ongoing cybersecurity threat landscape requires companies to take a zero-trust network security approach, according to Palo Alto Networks.

The company is “not only continuing to see the increased volume of known threats but we also see the increasing volume and ubiquity of new and unknown threats using highly basic techniques to hide themselves from security measures,” Almas Raza, senior technical marketing engineer at Palo Alto Networks, said Sept. 16 during its “Design and Deploy Zero Trust Network Security for Users” online event.

“What we are witnessing here is the different range of threat – from the ones that can be bought over the shelf [and are] very easy to execute all the way to the ones which are highly sophisticated and can be used for the targeted attack,” she noted.

Those threats come in multiple forms, including malware, phishing attacks and ransomware, she pointed out.

The increasingly advanced threat landscape includes known threats and evasive malware, which are the two easiest to execute, as well as fileless attacks, targeted attacks and insider threats, which are the most sophisticated and damaging, according to Palo Alto Networks. Right in the middle are Zero-Day attacks that exploit network vulnerabilities.

In addition to new, never-before-seen attacks, evasion techniques used in modern web-based attacks include: single-use links; very short-lived links, such as “malvertising” (online malicious advertising); hiding malicious content through cloaking; malicious URLs hidden in compromised, legitimate domains or websites; and Command-and-Control (C2) URLs that aren’t navigable by search engine and other web crawlers (also known as “spiderbots”) that systematically browse the Internet, according to Palo Alto Networks.

Therefore, “it is highly important for us – more than ever before – to secure all of these different transactions” from the huge volume of attacks that are being seen, Raza said.

In a typical Zero-Day incident, “attackers usually try to deploy and exploit against a vulnerable application or system within your network because this allows attackers to gain an initial entry point into your organization,” she explained.

Next, attackers will “try to download and install an additional piece of malware into your system, most likely by using a different type of compromised URL or website,” she said. “Once that is done, the next step is they will try to establish a communication channel between that compromised machine and the command-and-control center.”

That is “also the point where the attacker will go to move laterally to have access to the other resources in your network or attack other machines in your network,” she warned.

“To fight against this modern day, multi-stage attack, you need a solution that can provide multiple layers of protection for each of these different stages” of an attack, she went on to say.

The Palo Alto Networks wi-fi security service can help, she said, noting it is able to analyze threats that are “truly unknown and never seen before,” using dynamic analysis and machine learning capabilities.

During the online event, the company also provided practical implementation tips for deploying zero-trust security based on the latest capabilities in machine learning-powered next-generation firewalls.