Here are some critical cybersecurity countermeasures, 'Game of Thrones' style, to gird systems
Friday, August 11, 2017
Posted by: Brian Monroe
To read the main ACFCS piece analyzing the recent hack of HBO, using the media giant's massively popular series "Game of Thrones" as leverage to extort more than $7 million in untraceable Bitcoin, please click here.
Here are some critical cybersecurity countermeasures, “Game of Thrones” style, and key resources to better gird your systems and bolster cyber monitoring, resilience and recovery:
How do you keep out hackers? Just like Westeros keeps out the Wildlings: you wall it off.
Cyber experts say that for most companies, it’s a question of when, not if, they will be hacked. But to improve cyber resilience, and not break the bank, firms should do a cyber risk assessment to find gaps before hackers do, and determine how different systems and information are being protected.
They can then focus on shoring up those areas and putting the most valuable intellectual properties behind the most secure areas – potentially even in a walled-off area disconnected from the network – and restricting access to only a select few with the highest permissions. That way, even if a hacker gets in, he won't be able to get far or do any real damage to the company, or, as in the case of HBO, get something to hold as ransom for millions of dollars.
How do you defeat a hack before it happens? Just like Jon Snow defeating White Walkers, with an offense made of dragon-fire burnished Valyrian steel.
In this case, that special steel to wield against the Long Night is knowledge. Cyber experts note that more than 90 percent of hacks – such as business email compromise, ransomware, non-updated systems and malware – happen due to human error.
That means if you train your team not to open strange email attachments, and not to act on that message seemingly coming from the CFO to send a wire to Asia for a company typically only operating in the United States, you are basically defeating the nigh unkillable White Walkers – hackers – in this case. And like in Game of Thrones, hackers can mimic White Walkers in the real world because they can infiltrate and kill your system, raising zombies and bot armies to do the will of the Night King.
How do you know if hackers are targeting your company? Take a page from Lord Varys and Littlefinger’s book: check with your “little birds.”
In Game of Thrones, those two characters are the consummate spies of the Seven Kingdoms, getting intelligence from every area of the realm. They call their spies little birds, an apt reference as sometimes the information arrives tied to the claw of a raven.
In the real world, hackers can also leave some evidence that can be used as intelligence. In some cases, hackers will offer their services on the “Dark Net” and even talk about what companies or kinds of companies they want to hit. With a little research, companies can go on the Dark Net and read these forums for themselves to see if they have somehow gotten on the radar screen of a hacking collective.
As well, there are some groups that, after they have hacked a company, will offer the data for sale on the Dark Net. If a company knows this, it can better lessen the fallout. Lastly, some normal internet sites, like www.haveIbeenpwned.com, will show whether a person or company has had their email addresses compromised.
That information can be vital because it may be that an employee has had their personal credentials hacked from a non-company site, which opens up more vulnerabilities if that person visits personal sites on company computers. If a company can find that out ahead of time, it can quarantine that employee and make sure all of their access to the network is restricted until all passwords are changed.
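As an added illustration (not part of the original article), the breach check and quarantine decision described above could be triaged like this in Python. The breach records are constructed samples using field names from Have I Been Pwned's breach model; the directory export, the action names and the rule of comparing the last password change against the breach's publication date are assumptions.

```python
from datetime import date, datetime

# Constructed sample data: breach records per address, shaped like
# Have I Been Pwned breach objects (Name, BreachDate, AddedDate, DataClasses).
BREACHES = {
    "arya@example.com": [
        {"Name": "ExampleForum", "BreachDate": "2017-03-01",
         "AddedDate": "2017-06-15T00:00:00Z",
         "DataClasses": ["Email addresses", "Passwords"]}],
    "sansa@example.com": [
        {"Name": "ExampleNewsletter", "BreachDate": "2016-11-20",
         "AddedDate": "2017-01-05T00:00:00Z",
         "DataClasses": ["Email addresses"]}],
    "tyrion@example.com": [
        {"Name": "ExampleShop", "BreachDate": "2015-05-10",
         "AddedDate": "2015-08-01T00:00:00Z",
         "DataClasses": ["Email addresses", "Passwords"]}],
}

# Hypothetical directory export: address -> last corporate password change.
LAST_PASSWORD_CHANGE = {
    "arya@example.com": date(2017, 1, 10),
    "sansa@example.com": date(2016, 6, 1),
    "tyrion@example.com": date(2017, 2, 1),
    "bran@example.com": date(2016, 12, 1),
}

def triage(breaches, last_change):
    """Return {address: (action, [breach names])} for every employee."""
    result = {}
    for address, changed in last_change.items():
        exposed, stale = [], []
        for b in breaches.get(address, []):
            exposed.append(b["Name"])
            published = datetime.strptime(b["AddedDate"], "%Y-%m-%dT%H:%M:%SZ").date()
            # Assumed policy: a leaked password still matters if it was not
            # rotated after the breach became public (conservative cut-off).
            if "Passwords" in b["DataClasses"] and changed <= published:
                stale.append(b["Name"])
        if stale:
            result[address] = ("restrict_until_reset", stale)
        elif exposed:
            result[address] = ("notify", exposed)
        else:
            result[address] = ("none", [])
    return result
```

Only the account whose password predates a published password breach is restricted; addresses exposed without passwords, or already rotated, get a notification instead.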
And, as current queen and ruler of the Seven Kingdoms, Cersei Lannister does, always expect the unexpected.
For an ACFCS checklist to deal with ransomware attacks, click here.
For a listing of both ACFCS and outside resources on ransomware, click here.
For ACFCS coverage of FinCEN guidance on cyber-enabled frauds, click here and here.
For an ACFCS “Resource Roundup” highlighting eight open source avenues to bolster cybersecurity programs, click here.
For a summary of key conclusions and countermeasures from an ACFCS cyber conference, click here.