Security News > 2020 > June > Micro-Segmentation for Endpoints Shows Promising Defense Against Lateral Movement
If a compromise is not contained within the endpoint, it can rapidly spread to other endpoints and across the network.
Segmentation firm Illumio is closing this gap with the release of Illumio Edge - segmentation for the endpoint.
In a research report supporting the release, the firm uses WannaCry and NotPetya as extreme but valid examples of the danger of uncontrolled endpoint to endpoint lateral movement.
"It has been reported," says Illumio, "That a large bank in Ukraine saw its network locked up in 45 seconds with NotPetya. Maersk, a global logistics company, saw its global IT infrastructure crumble in 7 minutes." This was possible because there were no barriers, such as endpoint segmentation, to prevent unfettered - and in this case, automated - lateral movement of the malware from endpoint to endpoint.
Attackers are gaining access through a single endpoint - using phishing or misconfigured services such as RDP - and moving laterally to infect as many other endpoints as possible.