fbpx
used with permission from Tektonika (HP)
ransomware hack analogies

Ransomware is the worst. Attacks grew 250 percent last year, and 26.2 percent of those targets were businesses. Even worse, one in six businesses that paid the ransom still didn’t get their data back. WannaCry alone affected over 400,000 machines, and let’s not even get started about ExPetr—the wipervirus formerly known as Petya—or October’s Bad Rabbit. And even though you’ve already implemented as many “new” and “innovative” strategies as you can, you still can’t sleep at night.

First, the good news: Some script kiddies are switching to cryptocurrency mining. Fewer new strains were discovered last year than expected, and threats are growing in volume but not variety. Unfortunately, the dominance of this threat is propelled by Ransomware as a Service (RaaS), or the open sale of malware on the dark web. One strain of RaaS, “Philadelphia,” was even openly marketed on YouTube.

Hackers are diversifying and creating more sophisticated wares for their customers, and mobile ransoms are rising. What can you do? You can worry more about mobile security strategy or invest in smarter office IT, like self-healing printers, that won’t put your entire network at risk. But you can also read on for some highly effective security inspiration . . . did you know infosec analogies are a thing? It’s true—and here are seven of them:

1. Look in the mirror—is a hacker looking back?

Not all hackers are bright, but some of them have sickening business sense. Did you know one RaaS program, Satan, gives n00bs what they need to build their own ransomware in minutes, with a 30 percent cut to the program creators? If you think of the hackers who write RaaS as an IT team, it’s infuriating. After all, they’re working to create end-user adoption among their script kiddie customers and create a UX that makes people feel happy—some even offer live chat support to the people they hack.

Successful cybercriminals are shrewd IT pros who constantly push the bar higher to keep their IT users happy and paying for RaaS, and there’s a lesson in that fact. What security tools or training could you use to blow your coworkers out of the water?

2. Move those slugs from your flower garden

No one likes slugs, especially when they leave slime trails on your arugula. Senior Security Director Chris Nelson compares cybersecurity to permaculture, or an ecosystem-based, collaborative gardening mindset. Here’s why this analogy works: Permaculture is all about setting priorities and targeting the worst of them.

Identifying your unsecured entry points may be priority number one. Reviewing VPN logs may be zone number three. Ransom-seeking hackers are definitely total slugs, and you should take a targeted approach to training and defense to get them out of your precious IT garden.

3. Make sure your network isn’t a candy bar

“Hard and crunchy on the outside, but soft and gooey on the inside.”

The rest of this quote by Security Journalist Brian Krebs becomes a little more useful: “Once something gets through the [network’s] outer defenses, it’s often a cakewalk to move around the internal network unimpeded.” Yikes. Once a hacker’s in, will ransomware spread through your network, like wildfire?

You know you’re in information security if candy reminds you of network segregation.

4. Pwn the malware epidemic

“Infosec isn’t about the cost of ownership, it’s about the cost of pwnership,” says Microsoft MVP Troy Hunt. In his experience, the best security pros have a “subversion mind that’s equal parts creative and destructive.”

Hackers aren’t playing by anyone’s rule book. Technically, neither is corporate security. It’s like the Wild West out there. Enjoy the fact you’re writing your own playbook and go pwn the malware epidemic.

5. Identify your suicidal kangaroos

About 20 percent of mature western gray kangaroos don’t look both ways before they cross the highway, and Australian researchers can’t figure out why this group didn’t learn safe behavior as baby joeys.

Organizations also have a certain number of employees with suicidal kangaroo syndrome, according to British Airways’ Rob Hadfield. They “understand that certain behavior is dangerous or inappropriate, but will do it anyway.” There’s always someone who finishes awareness training and immediately downloads a sketchy app. These people are on the front lines against hackers—identify your population of at-risk kangaroos, limit their access to sensitive data, and when necessary, adopt stronger controls.

6. Don’t leave your exhaust pipe exposed

Remember how the evil empire in Star Wars left an exhaust port unsecured on their best ship, the Death Star? It wasn’t a big flaw, but the Rebels identified the flaw and took it down. If you can swallow the fact that you’re the empire in this analogy created by Vulnerability Risk Manager Matthew Parker, it really works. Hackers don’t need much to take down your ship. All it takes is one unsecured endpoint.

Proactively identify and secure the exhaust pipes of your office IT, like unsecured business printers, or the real force of evil will get you with a prepackaged RaaS threat.

7. Give users a cookie for good behavior

Why are people still clicking on malicious links? According to Security Architect Chris Brenton, it’s because it feels good. Scientists have found that opening emails creates a dopamine reward response in the brain. It’s similar to the rush some people get from gambling. Thinking about the ransomware fight like a behavioral scientist just might work. Reward people who report suspicious-looking emails—even if they’re not dangerous. Give prizes for good security, and if you keep at it, secure behaviors could feel better than gambling.

Luckily (or unluckily, depending how you look at it), information security analogies are growing faster than known strains of malware. Whether you find motivation in a security strategy inspired by slugs, Star Wars, or kangaroos, fight onward. Think like a hacker, secure your endpoints, and establish network segregation to keep your business safe from any external or internal threats.