
Game of Thrones can teach you valuable security lessons

Vincenzo Marsden | Aug. 2, 2016
The web is indeed dark and full of terrors. Here are seven lessons for security managers pulled straight out of Westeros.

In the world of Game of Thrones, the Many-Faced God is a just god who takes a life for a life. In the real world, faceless attackers have far more disguises at their disposal and will use them to their advantage at every opportunity. While the ends differ, the means remain the same.

These days cyber-attacks are more common and becoming more sophisticated every day.

What they’re after isn’t always clear, but for every method used by cybercriminals and hackers seeking information, The implementation of new technology, hybrid cloud storage systems, data-splitting, cryptography and centralized storage databases are becoming the norm.

3. Walls of fire don’t always help

Modern firewalls are complex and take months to become familiar with, but even the most complex firewall is only software and by its very nature has defects. Unidirectional gateways block attacks from untrusted networks no matter what their IP address is, but without them, it’s easy to bypass firewalls with forged IP addresses, especially if someone has access to the same LAN segment as the network they're trying to breach.

In Game of Thrones, the seven kingdoms of Westeros are protected by a 700-foot, 300-mile-wide wall of solid ice that was built by “Bran The Builder.”

It has magical spells woven into it to keep White Walkers out, but many of those spells have been undone by Bran Stark. Now the wall is just a wall.

Sometimes all hackers need to breach a firewall are the magic words.

Password theft is the easiest way to break into a network, and the methods attackers have devised to steal passwords have become far more devious.

Spear phishers use extremely convincing emails targeted at people with access to passwords and protocols. Encryption and two-factor authentication are practically useless against attacks from within a network, but unidirectional gateways block outside communication and attacks into plant networks.

4. Keeping your friends far and your enemies farther

Access to data by individuals within a network, or by trusted employees, isn’t always safe. From Mark Abene and Julian Assange to Chelsea Manning and Edward Snowden, people with access to networks can gather massive amounts of data with limited resources and small windows of time.

In Game of Thrones, Lord “Littlefinger” Baelish and Varys “The Spider” use their networks of information, in the form of “Little Birds,” to grasp and grip in the power struggle between kingdoms. Even the weakest link can bring down, or at the very least contribute to, the fall of kings.

In September of 2015, Morgan Stanley realized that 730,000 account numbers were stolen by an employee, who had been gathering account numbers over a period of three years and had them transferred to a private server at his home. It would be wise for companies with sensitive information to implement a “trust but verify” model, storing data in digital safes and data secure repositories, as well as developing and enforcing “need to know” policies among employees.
