Moving beyond perimeter security: Lessons from the TunnelVision attack

The recent "TunnelVision" attacks reinforce the need for a new security paradigm. Let's explore how this type of attack can be mitigated in the future and what tools we need.

Written By
Nic Vermandé
Published Date
May 27 2024
Read Time
6 minutes

In the world of cloud security, we've seen some eye-opening developments lately, and the "TunnelVision" attack is a prime example. Rather than breaking a VPN's encryption, it targets the assumption that everything leaving the host goes through the tunnel. An attacker who can act as the DHCP server on the local network (a rogue server, or a compromised legitimate one) pushes classless static routes (DHCP option 121) that are more specific than the VPN's default route. The host installs them on the physical interface, longest-prefix matching sends the matching traffic around the encrypted tunnel to a gateway the attacker controls, and the attacker can read, drop, or modify it while the VPN client still reports a working connection. According to a recent report from Zscaler, "VPN attacks are on the rise. 56% of organizations experienced one or more VPN-related cyberattacks in the last year" (Zscaler, 2023). This isn't a minor glitch; it's a wake-up call for anyone relying heavily on VPNs for secure communications, and it shows that our current security models, especially in hybrid cloud environments, need a serious upgrade.
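As an added illustration (not part of the original post), here is a small Python model of the routing behaviour TunnelVision exploits: it decodes a constructed DHCP option 121 payload, applies the same longest-prefix matching a host kernel uses, and includes the check a VPN client or host agent could run after each lease change to spot routes that carry traffic off the tunnel. The addresses, interface names and the option 121 bytes are all made up for the example.

```python
"""
Added example (not from the original post): a model of the routing behaviour
TunnelVision abuses. A rogue DHCP server on the local network hands out
option 121 (RFC 3442 classless static routes). The host installs them on the
physical interface, and because they are more specific than the VPN's default
route on the tunnel, longest-prefix matching carries traffic around the
tunnel. All addresses and interface names below are constructed.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    gateway: str
    iface: str


def parse_option_121(payload: bytes, iface: str) -> list[Route]:
    """Decode DHCP option 121: per entry, 1 byte prefix length, ceil(len/8)
    significant destination octets, then a 4-byte router address."""
    routes: list[Route] = []
    i = 0
    while i < len(payload):
        plen = payload[i]
        i += 1
        n = (plen + 7) // 8
        dest = payload[i:i + n] + b"\x00" * (4 - n)   # pad omitted octets with zeros
        i += n
        gw = payload[i:i + 4]
        i += 4
        if plen > 32 or len(gw) != 4:
            raise ValueError("malformed option 121 payload")
        net = ipaddress.IPv4Network((dest, plen), strict=False)
        routes.append(Route(net, str(ipaddress.IPv4Address(gw)), iface))
    return routes


def lookup(routes: list[Route], dst: str) -> Route:
    """Longest-prefix match, the rule the kernel applies when forwarding."""
    addr = ipaddress.IPv4Address(dst)
    candidates = [r for r in routes if addr in r.prefix]
    if not candidates:
        raise LookupError(f"no route to {dst}")
    return max(candidates, key=lambda r: r.prefix.prefixlen)


def off_tunnel_routes(routes: list[Route], tun_iface: str, expected: list[Route]) -> list[Route]:
    """Routes on a physical interface that are not in the expected set.
    A VPN client or host agent can run this after every DHCP lease change;
    anything it returns is traffic that will leave the tunnel in the clear."""
    return [r for r in routes if r.iface != tun_iface and r not in expected]


# Constructed host state with the VPN up: default route via tun0, the LAN and a
# /32 to the VPN server on eth0 (the VPN itself needs that host route).
VPN_SERVER = "203.0.113.10"
BASELINE = [
    Route(ipaddress.IPv4Network("0.0.0.0/0"), "10.8.0.1", "tun0"),
    Route(ipaddress.IPv4Network("192.168.1.0/24"), "0.0.0.0", "eth0"),
    Route(ipaddress.IPv4Network(f"{VPN_SERVER}/32"), "192.168.1.1", "eth0"),
]

# Constructed rogue option 121: 0.0.0.0/1 and 128.0.0.0/1 via 192.168.1.254.
# Two /1 routes cover the whole address space and each beats the /0 on tun0.
ROGUE_OPTION_121 = bytes([1, 0x00, 192, 168, 1, 254,
                          1, 0x80, 192, 168, 1, 254])


def after_rogue_lease() -> list[Route]:
    """Routing table once the host has accepted the rogue lease."""
    return BASELINE + parse_option_121(ROGUE_OPTION_121, "eth0")


if __name__ == "__main__":
    dst = "198.51.100.7"
    print("before:", lookup(BASELINE, dst))
    print("after: ", lookup(after_rogue_lease(), dst))
    for r in off_tunnel_routes(after_rogue_lease(), "tun0", BASELINE):
        print("bypass route:", r)
```

The check has to run on the host itself: from the VPN server's side the tunnel stays up and looks healthy, which is what makes the attack quiet.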

Now, let's talk about why relying solely on network perimeter security just doesn't cut it anymore. The old "secure the perimeter" method assumes the path between two trusted points is itself trustworthy, and TunnelVision shows how cheaply anyone on the same office or coffee-shop network can break that assumption. To truly protect your environment, you need to consider the entire Software Development Life Cycle (SDLC), from planning through deployment and maintenance, and build in controls that limit the damage when part of the application or infrastructure is compromised. Baking security into the development process from the start is no easy task for developers: tracking software dependencies properly, writing code with security in mind, and setting up appropriate identity and access management workflows all take effort and expertise. These principles are nonetheless the foundation of a zero-trust approach.

Zero-trust means there's no implicit trust within the internal environment. Every interaction, whether between users or workloads, must adhere to strict security principles, as if it were out in the wild. In essence, it's like treating everything inside your company as if it were on the public internet: nothing gets a free pass because of where it sits on the network. TunnelVision makes the case concretely. Once the route is hijacked, a control that trusted "inside the tunnel" has nothing left to enforce, while controls bound to workload identity and explicit authorization still hold.


Moving Beyond Traditional Security Models


In light of these challenges, our CEO recently highlighted the inadequacies of traditional security models, emphasizing the necessity of moving beyond perimeter security. “It's clear that we need to adopt more comprehensive and integrated security practices,” he said. This rings especially true when you consider balancing security constraints with developer productivity and fostering innovation. Configuring security for cloud-native applications involves dealing with complex workload IAM rules, network policies, egress controls, and application credentials. Without the right tools, developers spend countless hours crafting and updating these configurations, which slows down development and opens the door to potential security risks from misconfigurations.

This is where Otterize comes in. Our mission is to reduce the cognitive load on developers by simplifying IAM management and limiting the blast radius in case of a workload compromise. We do this through Intent-Based Access Control (IBAC), which lets developers declare their access needs in a straightforward, human-readable format. IBAC then automates the configuration of security policies, keeping them continuously in line with the declared intents without demanding deep security expertise. Because the configurations across different domains (network policies, cloud IAM, application credentials) are generated from one declarative source, misconfigurations drop, and Otterize can also report the current blast radius from the policies actually in place. This simplifies the developer's life and makes it easier for SecOps to enforce their decisions and rules within the workflow. We work hard to improve collaboration between developers, platform teams, and SecOps, creating a more integrated and efficient security process.


Simplifying Security with IBAC


IBAC significantly simplifies security workflows and helps mitigate the risks that attacks like TunnelVision highlight. To be precise about what it does and does not do: IBAC cannot stop a rogue DHCP server from rewriting a laptop's routes; what it limits is what an attacker can do once they are past the perimeter. Imagine an attacker gains access to your application, which makes calls to internal services and to external serverless or cloud IaaS components. If the access controls are too permissive, the attacker can escalate privileges and pivot from service to service, causing widespread damage. If each workload can reach only what it declared it needs, the same foothold goes nowhere.


Traditionally, securing such an environment involves a complex series of steps: setting up IAM rules, configuring platform RBAC and application credentials, implementing network policies, and managing egress controls. Each step requires meticulous attention to detail and a deep understanding of both platform and cloud security best practices.


With IBAC, this process is dramatically simplified. Developers declare their access needs using ClientIntents, a resource in which a service lists the services and cloud resources it calls. For instance, if your application needs to access a serverless database, you specify that target and the operations you need in a straightforward format. IBAC translates these intents into the appropriate IAM policies and infrastructure configurations, such as network policies and cloud roles. This saves time and reduces the risk of misconfigurations that open the door to privilege escalation, so the blast radius in case of a compromise stays small.


How IBAC Bridges the Gap Between Developers and Security Teams


IBAC’s benefits extend beyond just simplifying configuration. It also enhances collaboration between developers and security teams. By providing a clear, declarative model for access control, IBAC ensures that both teams are on the same page regarding security requirements. Developers can focus on building features, confident that their security needs are being handled correctly, while security teams can trust that policies are being enforced consistently and correctly.


Moreover, IBAC is not a set-it-and-forget-it solution. It continuously monitors your application's traffic patterns and updates access controls as needed. If it detects an unusual access attempt, one that no declared intent covers, it can automatically create a pull request for review, so any change to the security posture is tracked and approved rather than silently allowed. This adaptive approach keeps your security policies in step with your application, maintaining continuous compliance and reducing the attack surface.
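To make the two claims above concrete (declared intents become per-server allow-lists that shrink the blast radius, and observed traffic can be diffed against what was declared), here is an added Python model. It is not Otterize's code and makes no claim about how IBAC is implemented internally; the service names and the observed calls are constructed for the example.

```python
"""
Added example (not Otterize code): a model of what declaring access as intents
buys you. Each client declares the servers it calls. From those declarations we
derive per-server ingress allow-lists (the shape a generated NetworkPolicy
takes) and compute the blast radius: the services an attacker who has
compromised one workload can reach directly or by pivoting through others.
A second function diffs observed traffic against declared intents. All
service names and observed calls below are constructed.
"""
from __future__ import annotations

from collections import deque
from typing import Callable, Iterable

# Constructed example: each client lists the servers it needs.
INTENTS: dict[str, list[str]] = {
    "frontend": ["checkout", "catalog"],
    "checkout": ["payments", "orders-db"],
    "catalog": ["catalog-db"],
    "payments": [],
    "orders-db": [],
    "catalog-db": [],
    "batch-report": ["orders-db"],
}

# Constructed observed traffic as (client, server) pairs, e.g. from flow logs.
OBSERVED: set[tuple[str, str]] = {
    ("frontend", "checkout"), ("frontend", "catalog"),
    ("checkout", "payments"), ("checkout", "orders-db"),
    ("catalog", "catalog-db"),
    ("frontend", "payments"),          # not declared by any intent
}


def ingress_allowlists(intents: dict[str, list[str]]) -> dict[str, set[str]]:
    """Invert client->servers into server->allowed clients: the per-server
    allow-list an ingress NetworkPolicy expresses. Servers nobody declared
    get an empty set, i.e. default deny."""
    allow: dict[str, set[str]] = {svc: set() for svc in intents}
    for client, servers in intents.items():
        for server in servers:
            allow.setdefault(server, set()).add(client)
    return allow


def reachable(start: str, next_hops: Callable[[str], Iterable[str]]) -> set[str]:
    """Transitive closure from `start`: every service an attacker can reach by
    compromising each hop in turn. `start` itself is excluded."""
    seen = {start}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in next_hops(cur):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    seen.discard(start)
    return seen


def blast_radius_default_allow(intents: dict[str, list[str]], start: str) -> set[str]:
    """No policies at all: any pod can talk to any other pod."""
    everyone = set(intents)
    return reachable(start, lambda cur: everyone - {cur})


def blast_radius_with_intents(intents: dict[str, list[str]], start: str) -> set[str]:
    """Policies generated from intents: a pod can only reach servers whose
    allow-list names it."""
    allow = ingress_allowlists(intents)
    return reachable(start, lambda cur: {s for s, clients in allow.items() if cur in clients})


def diff_observed(intents: dict[str, list[str]], observed: set[tuple[str, str]]) -> dict[str, set]:
    """Undeclared: traffic no intent covers (a candidate for review before it is
    allowed). Unused: declared access nobody exercised (a candidate to remove)."""
    declared = {(c, s) for c, servers in intents.items() for s in servers}
    return {"undeclared": observed - declared, "unused": declared - observed}


if __name__ == "__main__":
    for svc in ("frontend", "batch-report", "payments"):
        print(f"{svc}: default-allow reaches {sorted(blast_radius_default_allow(INTENTS, svc))}")
        print(f"{svc}: with intents reaches   {sorted(blast_radius_with_intents(INTENTS, svc))}")
    print(diff_observed(INTENTS, OBSERVED))
```

Two things the model shows that the paragraph alone does not: a low-value workload such as the report job drops from reaching every other service to reaching exactly one, and the leaf services (databases, payments) end up with a blast radius of zero because nothing in their allow-lists names them as clients. Compromising a hop is assumed to be possible in the reachability walk; network policy does not prevent that, it only decides which hops are even addressable.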


The Future of Security: Automation and Declarative Models


The future of security lies in automation and declarative models. Tools like IBAC enable a proactive approach, ensuring that configurations adapt as applications evolve, and declarative access control gives you the flexibility and automation needed to manage the complex security requirements of today's cloud-native applications. Adopting these practices will be crucial for maintaining robust security in cloud-native environments.

Looking ahead, it’s clear that the old methods of manual configuration and perimeter security are no longer sufficient. The rise of hybrid cloud environments and the increasing sophistication of cyber threats demand a new approach. By embracing automation and declarative models, organizations can stay ahead of the curve, ensuring that their security practices evolve in step with their applications.



Empowering Developers and Enhancing Security Posture


A key takeaway from our journey with IBAC is the importance of empowering developers. Security should not be a roadblock that slows down development. Instead, it should be integrated seamlessly into the development lifecycle, enabling developers to innovate quickly and securely. By providing tools that simplify security configurations and automate policy enforcement, we can turn developers into proactive participants in the security process. This not only improves the security posture of the organization but also fosters a culture of shared responsibility. This collaborative approach is essential for achieving both agility and resilience in today’s fast-paced development environment.


The TunnelVision attack is a textbook example of the limitations of traditional security approaches. By embracing modern practices like IBAC, organizations can enhance security while maintaining developer productivity. It's time to adopt comprehensive security solutions that evolve with your applications.


For more information on how Otterize can help secure your cloud-native environments, take a sneak peek at our technology or join our growing community and the conversation!


The journey towards robust cloud security is ongoing, but with the right tools and practices, we can stay ahead of the threats and ensure that our applications are secure and compliant. Let’s take control of our security posture, stay ahead of emerging threats, and empower our developers to build the future with confidence.
