Due to the Corona virus we have learned and re-learned a lot of new words lately: Test strategy, Isolation, Social distancing, and Sanitizing are just some of them. Also, we use and value protective items like hand sanitizers, masks, goggles and in some instances full-body suits to protect against the virus.
With the Corona virus, the incubation period is fairly long, and vulnerability increases in the meantime. At worst the virus is lethal, but fortunately mainly under special conditions and when the exposure to the virus has been very high.
Additionally, we have learned about the need for resilience in our society. Unfortunately, resilience may only arise if our society is immune through mass infection or vaccination. While we wait for a vaccine to arrive, isolation, social distancing or confinement to smaller groups, together with a thorough and consistent strategy, are vital.
Ransomware as a comparison to Corona
The recommendations to strengthen resilience against Ransomware are somewhat similar to those for the Corona virus.
Ransomware strikes seemingly out of nowhere. It may stay latent over a longer period of time and then strike at full force, especially if countermeasures are limited and vital systems are hit.
As with the Corona virus, protecting IT has focused on minimizing the attack surface. Anti-Virus software, Firewalls, IPS/IDS, efficient backups and so forth are all part of our mitigating measures.
However, it only takes one small accident or mistake with the mitigating measures before virus or ransomware strikes, and the organization is hit by a strong - and often rapidly spreading - infection.
We could, however, use our recently gained knowledge about Corona as a reference to mitigate, contain and reduce the spread of infection, when things go south.
The relation to IT – comparison and advice
Just as with the preventative measures against the Corona virus, I have taken a practical approach.
Isolation:
Isolation may, as part of our hardening, be applied in many ways.
History has taught us that one of the weak points in many organizations is the Active Directory (AD). Segmenting, or tiering, the AD separates critical systems, servers, and users and their machines into groups. This way, infection between the groups is minimized, and the severity of the attack is lessened. The use of strong passwords and securing roles or accounts with privileged access is naturally important.
Distancing:
Limiting the roles and related privileges on a PC or in a network, again to minimize the spread of infection.
Network segmentation and extra protection of critical systems so only allowed traffic can reach said systems, to stop the spread of the virus over the network.
Harden:
Harden laptops and servers, and limit and control use to the applications and components necessary, to minimize the spread of infection.
Test strategy – Sanitize:
Just as the population of a Corona virus-hit country should be tested to measure the spread of the virus, IT systems must also be tested against vulnerabilities and misconfigurations.
Software is designed by humans, and humans make mistakes, resulting in vulnerabilities that may be exploited by attackers. Laptops and servers, web servers, customer systems and databases – everything can be vulnerable.
IT systems should be tested to identify these issues on all levels.
Our roles, our privileges on individual systems, the systems themselves and the software (and hardware) should all be the center of attention in tests.
Stay alert:
Irrespective of the role and responsibilities of any employee, everyone should be aware of threats, mitigating actions and reporting responsibilities.
We should of course always protect ourselves with the usual IT security protective mechanisms.
But it does not take much for it all to go wrong.
To stop a single infection from spreading and causing a long lockdown, it is worth considering both the test strategy and the different levels of isolation in the infrastructure.
Be resilient – and stay safe
As listed above, there are many ways to strengthen and secure your IT environment. The recommendations are somewhat like the ones related to the Corona virus.
If you would like to discuss how to secure and harden your own environment, please reach out. I am more than happy to discuss this in further detail with you.
Stay safe out there!
Kim Høse
2199 0410 / kho@improsec.com