GUEST ESSAY: Silence on the front lines of strategic cyber assaults belies heightening tensions
First released in the late 1920s, the novel “All Quiet on the Western Front” was publicly burned, banned, derided and censored for its “anti-war” and “unpatriotic” messages. Set in the final weeks of World War 1, the story swings heavily on the contrast between false security and the realities of war.
Today, we are talking about a different war dynamically morphing between a physical war and cyber war. President Joe Biden just told U.S. intelligence officials that he thinks a cyber breach could lead to a “shooting war” with a major global power.
While the “shooting war” has not started, a real cyber war has been raging on the front lines of computer networks for a while, and we must remain vigilant to the fact that an eerie silence may be the biggest threat of all.
“All Quiet on the Western Front” was described as the most loved and hated novel about war. Its messages threatened Nazi ideologies, sparking riots, mob attacks, and public demonstrations, yet it inspired an Academy Award-winning 1930 movie adaptation.
Author Erich Maria Remarque may not have foreseen its full impact, but the story is laced with imagery describing starving soldiers, the brutally indiscriminate nature of (then) modern weapons, lost limbs, poison gas and death, lots of death. It should be a rude awakening for those sabre rattlers out there who don’t understand the true human impact of a real physical “shooting war.”
False sense of security
On the frontlines of computing, there is a false and persistent sense of security among CIOs, company boards and most security professionals that reminded me of the end of this novel. Over the years, the phrase “all quiet on the Western Front” has been adopted in innumerable contexts to mean a lack of visible change or stagnation. It seems this is where many organizations are stuck today under this false sense of security.
The final moments of the novel are (spoiler) deceptively peaceful, contrasting with the overarching setting of war and its effects. It is in these moments, in the last “situation reports” from the military frontlines, that a false state of calm and security belied the coming death of the story’s protagonist. It seems like the most important lessons in life must be learned time and again.
Across the landscape of organizations, there is a definite cyber war raging, and I am not talking about “Call of Duty.” You don’t have to read news headlines for very long to see that there are casualties all around us. There is an enemy lurking and there are no rules to hold them back.
Defensively natured as cybersecurity practices can be, there are offensive principles that are a necessary part of the posture. That begins with an understanding that there is always a calm before the storm, before an event; and in today’s climate, we cannot afford the reassuring sense that all is well at any given point in time.
Let us set the stage of this sea of ‘calm’:
• APT – In the age that followed the global pandemic, nothing in cybersecurity stopped during that entire time. Advanced Persistent Threats (APT) continued and, according to countless reports and breaches, they have accelerated.
• Mobile – Reports also show that mobile threats to the web and applications have gained more traction under new campaigns.
• Diversity – Hacker creativity is at an all-time high, with actors bringing waves of zero-day threats into supply chain software attacks, phishing, and ransomware. Experienced groups and new players are combining forces and have found new, nearly undetectable ways to exchange information.
• Maximum impact – Fueled and inspired by changing workforce composition as well as user behaviors, attacks today are designed to express maximum impact, driven by geo-political goals and financial gains.
All the while, threat visibility has proven itself to be riddled with blind spots as hacks and incident reports continue to show compromised detection, a gap in understanding and shortcomings in proper security practices. To add to these factors, technology continues to change, accelerate and evolve – on both sides, while a crisis of talent resources continues.
We can also see that intrusion incidents lead to ad hoc approaches to security funding, adding ineffective layers to cybersecurity health, especially when spending tails off when all seems well.
A Time to Act
When things seem calm, follow these general guidelines and remember that only the paranoid survive a cyber-war like this one:
• Actively and proactively leverage multiple sources of Threat Intelligence and trusted resources to monitor the latest methods, tools and tactics, and keep a watchful eye on the roost on a daily or even hourly basis.
• Always verify and never trust. It is always a good time for zero-trust authentication and a zero-trust posture throughout the organization. This protects systems outside and inside the “castle.”
• Detect, investigate, respond and remediate issues on every endpoint, application, service and server system. Commit to timely and near-instant responses.
• Spin up more security awareness training to help minimize social engineering, phishing and other user-focused attacks.
• If you can’t do these items on your own, and very likely you won’t, engage partners that specialize in a comprehensive security posture.
All is Not Quiet
North, South, East, West. Up, down, or sideways – all is not quiet, or well, on the security front (and it never should be). Don’t hide the truth with skin-deep positive “situation reports” and always verify. Embark on a comprehensive security strategy that starts with the honest identification of your environment’s threats, then work to secure your environments comprehensively.
After these first two basic steps, it is critical to also prepare for the eventuality of a breach with a fully vetted disaster recovery strategy. The final step is to continually assure and ensure that there are no gaps in your security posture through an assurance and compliance program that takes new threat vectors and compliance requirements into account.
Remember, there’s a massive storm out there even if you don’t see it or hear it. Silence is not golden; it’s a false sign of security. Let’s take lessons from “All Quiet on the Western Front” and avoid the horrors of an actual war. By avoiding a cyber-breach or limiting its impact, we just may be able to avoid a disastrous “shooting war”.
About the essayist: Emil Sayegh is a cybersecurity expert and cloud computing pioneer; he is also CEO of Ntirety.
(Editor’s note: This essay also appeared in Forbes.)
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/guest-essay-silence-on-the-front-lines-of-strategic-cyber-assaults-belies-heightening-tensions/