Military Review

The Pentagon is implementing a "zero trust" strategy to protect its servers from cyberattacks

The US Department of Defense's new anti-hacking strategy is called "zero trust". Its essence is that the network is treated as already under cyberattack, and every user or account that performs actions on it is a potential threat.

"With zero trust, we assume that the network has already been compromised, and with the help of repeated user authentication and genuine authorization, we will in every possible way prevent the attacker from moving around the network, as well as quickly identify him and reduce the damage and the vulnerability that he could exploit," Randy Resnick told reporters ahead of the release of the new network security strategy.

Many skeptics argue that this strategy is five years or more late, and while they may be right, its main message is that the Department of Defense has substantially changed its attitude to cybersecurity and wants to make the strategy a benchmark for other departments in the near future. The authors of the "zero trust" strategy approach security problems architecturally, aiming for a long-term and measurable effect.

The 29-page strategy paints a very disturbing picture of the US Department of Defense information environment, which is under widespread and constant attack from known and unknown attackers. It names both individual attackers and those sponsored by adversary states, above all, as the Americans themselves put it, China, which is said to violate the "calm of the network space" of the Pentagon very frequently.

The strategy is broken down into levels of zero trust. The first level is "target" zero trust. It represents the minimum required set of actions that the Department of Defense and its components must complete by fiscal year 2027.

More far-reaching requirements make up "advanced" zero trust, which is meant to provide the highest level of protection. In total, the strategy identifies 152 necessary "actions": 91 must be completed to reach the target level of zero trust, and 61 more, according to its American authors, will make the US Department of Defense IT systems completely secure.

Although the strategy does not prescribe specific technologies or products, it is a list of requirements and procedures that the US Department of Defense must implement to reach the target and advanced levels of security.
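As an added illustration of the principle the article describes (this is not the Pentagon's strategy or any Department of Defense code), the Python sketch below is a policy decision point that judges every request on identity, MFA freshness, device posture and the specific resource, never on network location, and flags accounts that pile up denials; the policy table, re-authentication window and alert threshold are constructed assumptions.

```python
from dataclasses import dataclass

REAUTH_SECONDS = 15 * 60                    # assumed: older MFA proof is stale
COMPLIANT_POSTURES = {"managed-compliant"}  # assumed device-posture label
DENIAL_ALERT_THRESHOLD = 3                  # assumed: denials per user -> alert

@dataclass
class Request:
    user: str
    roles: list[str]
    mfa_age_s: int       # seconds since the user's last MFA assertion
    device_posture: str  # e.g. "managed-compliant" or "unmanaged"
    src_ip: str          # logged, but deliberately never trusted
    resource: str
    action: str

# Constructed policy table: resource -> (required role, permitted actions)
POLICY: dict[str, tuple[str, set[str]]] = {
    "hr-db":      ("hr",  {"read"}),
    "payroll-db": ("fin", {"read", "write"}),
    "build-srv":  ("dev", {"read", "write", "deploy"}),
}

def decide(req: Request) -> tuple[bool, str]:
    """Deny by default; every check must pass, and src_ip is never consulted."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "unknown resource"
    role, actions = rule
    if req.mfa_age_s > REAUTH_SECONDS:
        return False, "re-authentication required"
    if req.device_posture not in COMPLIANT_POSTURES:
        return False, "device posture not compliant"
    if role not in req.roles:
        return False, f"role {role!r} required"
    if req.action not in actions:
        return False, f"action {req.action!r} not permitted on {req.resource}"
    return True, "ok"

def evaluate(reqs: list[Request]) -> list[tuple[str, str, str, bool, str]]:
    """Decision log entries: (user, src_ip, resource, allowed, reason)."""
    return [(r.user, r.src_ip, r.resource, *decide(r)) for r in reqs]

def users_to_alert(log: list[tuple[str, str, str, bool, str]]) -> list[str]:
    """Users whose denials reach the threshold (a hijacked session probing resources looks like this)."""
    denials: dict[str, int] = {}
    for user, _ip, _res, allowed, _reason in log:
        if not allowed:
            denials[user] = denials.get(user, 0) + 1
    return sorted(u for u, n in denials.items() if n >= DENIAL_ALERT_THRESHOLD)
```

A session that is valid for the build server but starts asking for HR or payroll data is denied on each request, whatever internal address it comes from, and the denial log is what the detection side watches.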

  1. ANB
    ANB 23 November 2022 20:04
    Initially, a network based on AD and Windows domains is heavily leaky. Although convenient for administrators. The Pentagon will have to switch to Linux with Samba. And manual authorization in the DBMS.
    1. alekseykabanets
      alekseykabanets 23 November 2022 20:42
      "'Zero Trust' is a security model developed by former Forrester analyst John Kindervag in 2010. Since then, the 'zero trust' model has become the most popular concept in cybersecurity. Recent massive data breaches only confirm the need for companies to pay more attention to cybersecurity, and the Zero Trust model may be the right approach." Taken from Habr.
      I'm not a cybersecurity expert, but I think it's one of the best security strategies in any large company today.
      1. Leader_Barmaleev
        Leader_Barmaleev 24 November 2022 03:42
        It is not one of the best, it is simply the best, but as always there are nuances. If you just turn on the computer, surf the Internet, create and send a document - let's call it the household level - then yes, this is an absolutely wonderful strategy in which each action can be controlled in "manual" mode. With the electronic document management of a large company, when documents and archives are created and sent automatically, such a strategy will not work at all - a zero-trust filter will not be able to process endless data streams and will simply block the exchange. Personally, it tires me - the Pentagon without communication with the world.
  2. Armen Sologyan
    Armen Sologyan 23 November 2022 20:12
    There is also a new tool against hacker attacks on Russian servers. The hacker breaks into the server and at the same time receives a portion of the virus. The hacker does not know about this because the programs are divided into microprograms. With each hack, a special program accumulates on the hacker's computer. And with another hack, a signal comes to activate the program.
    1. Leader_Barmaleev
      Leader_Barmaleev 24 November 2022 03:48
      A dumb hacker is an oxymoron. If some third-grader imagines himself a hacker, this does not mean at all that he has become one. Normal hackers first put up protection from unexpected people and only then get clever. But it seems to me that third-graders already know about the bugheads on the proxy server, if dinosaurs like me know about them.
      1. Armen Sologyan
        Armen Sologyan 24 November 2022 04:54
        In 1 second, you can transfer a sufficient piece of the firmware and the antivirus, no matter how powerful it is, will not notice this, and the firmware is accumulated and connected. These are the realities of artificial intelligence firmware.
        1. Leader_Barmaleev
          Leader_Barmaleev 24 November 2022 07:21
          My friend, in a second you can gut and shake up any computer. That is why real hackers use a "junk computer" to which nothing is connected. A debugger program runs on it in manual mode and cleans up everything superfluous. Packages to be sent to this computer are downloaded safely (conditionally, "via a flash drive"). After the exchange of info packets, such a computer is formatted in the most severe way, or everything in it that could work with the info is physically replaced with a fresh one. These are the very basics of hacking - even schoolkids know them. That is why hackers are very difficult to catch.
          1. Armen Sologyan
            Armen Sologyan 25 November 2022 08:03
            Now it's the 21st century!!! The competent authorities know about all this and do not advertise their developments. What they say officially on TV means that in the West they already know about it and no longer hide it from their own people. It is really difficult to catch hackers, but the difference between Russia and the West is that as soon as they are caught there, they immediately begin to blurt out everything in the media, and we have the principle "found, caught and use for your own purposes." Spies used to be shot, but now they are brainwashed so that they themselves come over to our side. And they don't regret it.
  3. Predometrix
    Predometrix 23 November 2022 20:16
    Cut the wires, turn off the wifi - that's the perfect protection for you.
  4. Fangaro
    Fangaro 23 November 2022 20:27
    Do our specialists have the entire document?
    And a personal opinion...
    The more actions the user needs to take to start doing his job, the more actively he tries, often on his own, without consulting anyone, to find ways to get around "all this garbage that programmers invented."
    Cutting wires and turning off Wi-Fi is a good option to keep hackers out. But then how to transfer information back and forth? Flash drive via DHL?
    It's a bit of a joke. Please do not downvote if there are other solutions that do not lie on the surface.
    We are discussing not ourselves, but the main potential enemy.
    1. Predometrix
      Predometrix 23 November 2022 21:12
      Quote from Fangaro
      Cutting wires and turning off Wi-Fi is a good option to keep hackers out. But then how to transfer information back and forth? Flash drive via DHL?

      Somehow, two thousand years before the Internet, information was exchanged and no one died. Joke.
      We cut off all Internet access from secret computers completely. If it is necessary to transfer data, a wire is connected to the computer, the information is transmitted, and it is disconnected again. A hacker will not be able to quickly find and connect to such a computer, because before it connects to the network he does not even know of its existence.
      Option B - secret computers are disconnected from the public network, you need to transfer data - we dump it on a USB flash drive, with a flash drive we go to a separate computer and already through it.
      1. bk0010
        bk0010 23 November 2022 22:06
        Quote from Predometrix
        We cut off tightly all Internet access from secret computers
        They cannot be, in principle, not certified for processing.
        Quote from Predometrix
        you need to transfer data - we dump it on a USB flash drive, with a flash drive we go to a separate computer and already through it
        Everything is much more of a hassle. A flash drive must be accounted for; put in an ordinary one and the SZI will block it, but all the same the machine goes for reformatting, and you go on the carpet. And many more such hassles.
  5. ASM
    ASM 23 November 2022 21:03
    The end of real-time decision making. Any order must be confirmed by a higher authority. It's at the grassroots level. Further, there will only be more acknowledging authorities, and even the decision to use nuclear weapons will simply drown in approvals. This, of course, is good, but no one will trust anyone on a phone call.
  6. Real Pilot
    Real Pilot 23 November 2022 22:25
    The slogan was born: "Give the transition of zero trust to zero efficiency!"
  7. Rustic
    Rustic 24 November 2022 05:00
    Correctly. Every 5 minutes of working at the computer, the user needs to confirm authorization with a new complex password from a list of passwords on paper. And every half hour, in addition to the user's confirmation, the user's authorization must also be confirmed by his manager. And every 4 hours, new lists of passwords should be generated and printed, which the head of the Pentagon should endorse.
  8. evgen1221
    evgen1221 24 November 2022 05:59
    Some kind of provocative article, from the "look at the comments and choose the most feasible options" series. Espionage, however.
  9. Slavianin_37
    Slavianin_37 24 November 2022 20:21
    Unfortunately, I didn't understand much, because my bread is in another field, but then I remembered... not about myself))
    I'm on the subway, in front of me is a dude with a backpack. On the clasp of the backpack, a bright flash drive is dangling. After two stops, I could not resist and carefully removed it. I dragged myself home satisfied, stuck it in the computer, and the computer burned down... Now I have tied it to my backpack)