I don’t like dogs; I need a dog.
This is not a post about dogs, but about Internet security. For the record, I love dogs. For me, Will Rogers summed it up best. He said, “If there are no dogs in Heaven, then when I die, I want to go where they went.”
Recently, I visited the small country of Nicaragua. Many of you may not be following the La Prensa news, but Nicaragua has had a tough go of things in the last year. Following forty years of peace, there recently has been some strife, and some political turmoil and, sadly many deaths.
For my visit, I stayed in a lovely home just outside of the capital city of Managua. This modest home was tastefully appointed with a beautiful garden and an ample courtyard in the fashion of the old Spanish Revival haciendas. The rooms were plain but well-decorated with family photos and keepsakes that reminded me of the tranquility and charm of Central America and the love that this home’s walls had borne witness to amidst its surrounding frequent turbulence.
Walls, Cameras, and Razor Wire
The perimeter of the house was less inviting. Ten-foot concrete walls wrapped the property each adorned with Slinky-like razor wire that pained me even to look at. There were cameras under every eave and private neighborhood security too. The house was secure, I didn’t worry for a moment, and aided by the day’s heat and the tropical air, I slept like a corpse.
In the morning, the anticipation of a cup of Nicaragua’s finest “plantation to cup” blend pulled me anxiously from my pillow. I sprung out into the courtyard only to be confronted by a seriously agitated pitbull that looked simultaneously angry and hungry and sported the glare of a dystopian refugee. I walked backward slowly, making no sudden movements and awaited a more formal invitation to breakfast.
You see, at night the owner of this home apparently let his pitbulls roam the property as an added safeguard for its guests. My morning cardiac event notwithstanding, I’d say it was pretty effective, but I correctly suspected that I was the only human that that dog had seen for many hours.
At breakfast, we joked about my run-in with “Lucia” and how proud she was of her razor-sharp teeth and beady eyes. At one point I asked the proprietor, “Why the dog?” The walls, the razor wire, the cameras, the guard – wasn’t that more than enough? He then said something that I won’t soon forget: “Two of my neighbors bought pitbulls. I had little choice.”
The Least Hospitable Target
It hit me like a lightning bolt. Crime was a certainty; the only question was one of victim selection. And, the least appealing target would have an advantage. All the homes had walls, and barbed wire and cameras. And now, they also have dogs. To be secure was important. To be the least hospitable target was equally important.
Physical security investments are ever growing because criminals continue to find ways past the existing traditional defenses. They use 12′ ladders to hurdle 10′ walls. Razor wire is defeated with an old piece of carpet. Cameras blinded with spray paint. A dog is subdued with a bacon-wrapped Ambien.
Guard Dogs in the Cyber Realm
The same is true for cybersecurity. While security systems are less visible in the cyber realm than they are in the physical world, criminals quickly learn about the new technologies that are being deployed against them. They don’t know who has what, but they know that there are cyber equivalents of walls, razor wire, cameras, and now dogs. So, they improve their attacks accordingly, casting a wide net, and finding success with the organizations that have not kept up with their neighbors.
Everyone has passwords and firewalls and virus scanners, maybe even DLP and 2FA and IDS. And the criminals have found their way past these defenses using polymorphic malware that evades signature-based detection, social engineering, spear phishing, IoT vulnerabilities, and other homegrown techniques, both sophisticated and simple. They have breached the wall and razor wire and eluded the cameras. Now they’re inside, and it’s up to the family dog to find them before they steal your money and jewelry.
The dog in this analogy is network security that can detect lateral movement, external communication, and the staging of data for exfiltration. Perimeter security is no longer enough, and it’s incumbent on the safety conscious to continuously innovate and improve their defenses to stay one step ahead of the criminals. Companies with network threat detection and response solutions, like Lastline’s AI-powered Network Defender, are today’s least hospitable targets. That’s what Lastline helps organizations become – the world’s least hospitable targets.
If you were a criminal, whose home would you visit tonight?
Latest posts by John DiLullo (see all)
- Lastline Donating File and Artifact Analysis Service - March 25, 2020
- Hiding in Plain Sight: Threats You’ll Miss Without AI - January 27, 2020
- Santa’s sleigh is probably brimming over with Malware - December 24, 2019