What an Ancient City can Teach Us About Cybercrime

I was fortunate to spend some time traveling in Europe this summer, and one of my favorite destinations was Rothenbur ob der Tauber (Rothenburg) which is a well preserved German walled city that dates back to 920.  It was amazing to wander the narrow passages and protective walls and imagine what life was like about 1100 years ago.  Yet as I pondered the pristine surroundings, I realized that IT still faces many of the same challenges as our ancestors.

Ancient City 1Rothenburg’s protective walls, moats and secure gates were considered state of the art or even cutting edge 1,000 years ago, and thanks to these protective measures, the city survived largely unscathed for over 700 years. It was finally captured in 1631 by Johann Tserclaes in a short lived battle with the biggest change being the inclusion of gunpowder.  Suddenly, the walls that seemed so sturdy were outdated.

In IT, we face a challenge of cybercrime.  Historically, we have relied on defensive measures such as virus scanning and intrusion detection to protect us.  However, just like the advent gunpowder eroded Rothenburg’s defenses, advanced threats have emerged that are not effectively addressed with traditional security measures.  New attack vectors like ransomware are forcing us to rethink how we store and protect information.

We can turn to the news to see some examples of these new challenges in action.  For example, according to Fortune Magazine, Sony Pictures faced a malware attack that “… erased everything stored on 3,262 of the company’s 6,797 personal computers and 837 of its 1,555 servers.”  More recently, a racing team was infected with Ransomware and their critical racing files worth millions of dollars were suddenly inaccessible.  They were fortunate to regain access once they paid the ransom.  The common thread is that new protection measures are required to combat these nefarious activities.

Dell EMC has an offering which addresses this challenge called Isolated Recovery Solution.  The isolated recovery strategy is simple – if a hacker cannot access data then the likelihood that he/she can corrupt, steal, delete or other impact is significantly diminished.  The solution enables customers to maintain gold copies of data in an offline state in a non-executable environment.  This means that while the data is contained within a storage system, local computing resources are not configured to run any application in the IR storage target and hence malware or other similar programs would have a difficult time corrupting the gold copies.   Had either Sony or the racing team had this solution in place, the impact of the hackers would have been mitigated.

In summary, Rothenburg succumbed to gun-powder enabled assault because they were unable to cost-effectively upgrade their defenses to respond to the new threat.  As a result, the town suffered centuries of decline.  We are lucky in IT in that we have the ability to transform our environments to respond to changing attach vectors.  However, if we are too late to response like Rothenburg was, we will find ourselves at risk of suffering a catastrophic outage at the hands of our enemies.  Every reader should be thinking about their cyber security risks.

About the Author: Jay Livens