4 types of cyberthreats and how SASE combats them

Charlotte skims through her email after connecting to a coffee shop’s WiFi on her way to the office. At the same time, David opens his laptop in his home office and remotely logs in to a video conference. Similarly, Ted settles into his morning routine at his office branch, checking through the network security notifications that were flagged to his IT department overnight.

Clearly, the ways we work and communicate look a whole lot different today than they did even two years ago. Shifts toward mobility and cloud adoption are requiring organizations to reconsider how to better connect and secure their offices, users and resources. An IDC study found that 92% of enterprise businesses’ IT environment—including their infrastructure, applications and data analytics—relies on the cloud.¹ This number is only rising with the wide acceptance of remote and hybrid work that accompanied the onset of COVID-19.

New world, new threats

While workplace flexibility provides new opportunities for organizations and their employees, it also presents heightened security risks with remote workers logging on from home on a mixed bag of personal and company devices. A report found that 76% of respondent IT teams admitted that security took a back seat in the effort to prioritize business continuity during the pandemic.²

Yes, that’s a concerning stat—especially when you compare this to the endless cycle of cyberthreats covered by news organizations reporting on the latest ransomware attacks wreaking havoc on every type of organization imaginable. But a glimmer of hope exists with a new blend of solutions—a layered, interwoven fabric of network and security technologies called Secure Access Service Edge—SASE, for short.

SASE is a powerful recent development that incorporates SD-WAN with a comprehensive network security model. While SASE has a long list of benefits ranging from simplified WAN deployment and scalability to increased network performance and cost reduction, what we’ll focus on here is its unmatched edge to edge security—particularly how SASE is emerging as a predominant way to combat cybercriminals and their most commonly used methods of cyberattacks that frequently impact organizations.

Hello, my name is…

When referring to a cyberattack, these are the categories you’re most likely going to find:

• Ransomware: A type of malicious software designed to block access to a computer system by encrypting a cyber-victim’s files. Access to data is locked until a sum of money is paid, for example. Ransomware threats are on the rise and do not discriminate: the top five industries comprising 60% of the targets include manufacturing, financial services, transportation, technology and human resources.⁴ Healthcare, retail and government are not too far behind. SASE stops ransomware in three areas. First is Secure Web Gateways (SWG) using SSL inspection, browser isolation and zero-day threat protection. Second is Zero Trust Network Access (ZTNA) using micro segmentation where remote users are directly connected to apps, not networks. Third is Cloud Access Security Broker (CASB) utilizing Data Loss Prevention (DLP).

• DDoS: A distributed denial-of-service (DDoS) attack is when a cybercriminal attempts to make it impossible for an online service to be delivered by overwhelming it with traffic from multiple sources. With more than 10 million attacks in 2020,⁵ this is a trend that is rising in frequency and scale, and is becoming easier to carry out with the rise of Internet communications and web applications usage. The firewall and CASB components of SASE help prevent external attacks (like DDoS attacks and vulnerability exploits) from getting in and compromising internal resources. Both on-premises and cloud-based networks can be protected by a SASE framework. The framework includes moving DDoS protection to the edge.

• Malware: A software that is designed to disrupt, damage or gain unauthorized access to a computer system. You might recognize malware as a virus, worm, spyware or adware. While the number of malware attacks decreased from 9.9 billion in 2019 to 5.6 billion in 2020,⁶ that could be a direct result of the pandemic. SASE helps to prevent malware from accessing networks by fully encrypting all traffic and collapsing the networking and security stack into an easily managed, unified offering, making it much harder for attackers to insert malicious code into a SASE-protected network.

• MitM: A man-in-the-middle (MitM) cyberattack is a general term for when a perpetrator positions themselves in a conversation between a user and an application to either eavesdrop or impersonate one of the parties to intercept data or gain access to funds. SASE can mitigate threats like MitM by encrypting traffic with remote devices, and uses inspection policies on public networks, such as unsecured WiFi.

The SASE Revolution

SASE is emerging as a way to defeat cybercriminals at their own game by preventing ransomware and malware from accessing industry networks. It eliminates the malicious malware from entering the network by combining core technology components, like SD-WAN, ZTNA, CASB and SWG, to create a secure environment that runs over the widely used public Internet. It prevents malware from spreading across organizations’ cloud and on-premises applications by blocking threats in real time as they are uploaded to applications or downloaded to devices. SASE can even go a step further, by blocking threats if and when an innocent user attempts to click on a malicious link.

Security teams benefit from advanced threat protection solutions that ensure consistent protection for any interaction in the cloud, on the web and in on-premises resources. The fear of cyberattacks is very real. As the threats continue to increase in our highly digital world, implementing SASE as a key line of defense is a decision every business leader should consider.

References

1. “2020 Cloud Computing Study.” IDG. June 8, 2020.
2. “Rebellions & Rejections Report.” HP Wolf Security. September 2021.
3. Brooks, Chuck, “Alarming Cybersecurity Stats: What You Need to Know For 2021.” Forbes. March 3, 2021.
4. “Ransomware Attacks Statistics 2021 – Growth & Analysis.” Cognyte CTI Research Group. August 8, 2021.
5. Hildebrand, Carol and Richard Hummel, “Crossing the 10 Million Mark: DDoS Attacks in 2020.” Netscout. January 26, 2021.
6. “Sonicwall Cyber Threat Report.” Sonicwall. 2021.

VP of Product Management

Mike Frane

Mike is responsible for the company's overall SASE and SD-WAN strategy, as well as the network and security service portfolios. Since joining WE in 2008, he's overseen the launch of MPLS IPsec access elements, Secure WiFi & Analytics, Unified Communications and more.