Home > Blogs > The Enemy Within

Long ago, Traenk read about new attacks, attacks modeled after biological attacks.  Those were viruses; what new comes?

I remember reading about the first viruses when they were written and able to hop from bulletin board to your own computer.  It seemed interesting, self-replicating code that would "breed".  But that was a long time ago.

I think a lot of science draws its inspiration from nature, from biology.  After studying parasites, I think I might have an analogy to offer, one that describes the difficulty an organization has when detecting and removing built-in hacker parasites.  Important?  Yes.

Today's leaders struggle to understand the changing face of computer and Information Security.  They've mastered viruses and sign reqs for "anti-virus" daily.  But what about the inside presence of a hacker?  Maybe s/he has compromised or botted a desktop or laptop or two.  Maybe you've hired the next Edward Snowden, and this worker is burrowing deep into systems, looking to live on the data you hope to protect.

When finding these parasites, it's not an easy thing to remedy.  The amount of pain and trouble (and inconvenience to those who must fall into scope, despite doing a great job); these factors often tempt leaders to just tolerate the parasites.  In response, you must wage a war to gain managers' hearts and minds.  And what parasite is analogous, a possible impactful comparison that will give you support?

Go to YouTube and view videos on botfly larvae extractions.  Those who view those seldom fail to avoid being squeamish.  Instead, most feel removing those maggots is worth the effort pulling them from open, oozing wounds.

Of course, some leaders may consider this too gross to use in a mixed setting.  Caveat Emptor!

Let me know what apt comparisons you use to keep your security program impactful.

jt

Become an InformIT Member

Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.