Palo Alto Networks’ thoughts on dealing with similar challenges
[datensicherheit.de, 27.05.2020] Against the background of the so-called Corona crisis will the vulnerability our modern, globalized world more clearly than ever. This applies just as much to the digital world as the rampant one Cyber attacks of the recent past, said Palo Alto Networks. It was no accident that some of the language that experts use to describe cyber security threats comes from the biological world, especially terms such as “Viruses” and “Infections”. The similarities are striking. The question arises of how we could apply the lessons learned from the Corona threat to the world of cyber security.
Corona as a metaphor for viral threats, including IT security
The corona virus, like many computer viruses, is a so-called Zero day attack: There was no advance warning, no minor outbreak where it could have been contained quickly before it spread.
However, it spread quickly, with no effective treatment or containment options, and caused enormous damage. The corona virus is transmitted by individuals when they interact personally with each other – like the spread of computer viruses in a network. All of these characteristics reflected certain types of Computer malware contrary.
Corona spread like a computer virus on a network
Ryan Olson from Palo Alto Networks notes that the corona virus spreads like computer viruses in a network: “The earliest samples of computer viruses would write additional code to another executable and change the entry point to start executing on their code. This is almost identical to a biological virus that cannot live alone and has to attach to a host cell, to survive and reproduce. “
Another essential commonality is the need for an antivirus vaccine. Classic antivirus computer solutions worked in a similar way to ours immune system in the defense against viruses. They contained a small piece of the virus and files created to identify virus-infected files. The immune system in the body actually does the same thing by storing a small part of the virus and using it to identify infected cells and then destroy them.
Ignored for cost reasons
While in the cyber world, compared to the biological world, it is likely to be easier and faster to achieve a mitigation, a computer virus can contract due to the ubiquitous digital Connectivity spread much faster. The question should be asked on a case-by-case basis: “Will there be widespread damage, and how destructive is it ultimately?”
In the real world, everyone could have been better prepared for COVID-19 – with one adequate equipment on critical devices such as test kits, masks and ventilators. However, only a few countries are willing to accept a risk model for something that appears abstract. Many warning voices were ignored for cost reasons.
Lessons from Corona for corporate cyber security
One lesson that companies could hopefully take with them is that they are on the unimaginable cyber security should be as prepared as it should have been for this pandemic. In the worst case, planning could feel unnecessary, but in the event of an unpredictable crisis, the effort was certainly not wasted.
Another lesson is that of damage limitation. The implementation of a Zero trust security model is the key to prevention and response. With “Zero Trust” are defined as for a biological virus, what is most important to protect, i.e. e.g. protect yourself and your family.
Segmentation recommended
In the area of cyber security, segmentation is useful to Build controls around key resources and policies to limit malware or zero-day attacks from entering this environment. Businesses could include controls that limit the ability of viruses to infect other parts of the environment.
By means of segmentation, sensitive data and systems remained separate from each other, so that an infection could not spread. This approach is similar to that of the “Social distancing”, also comparable to the use of masks or self-quarantine, to curb the spread. Just like in the biological world, cyberspace can also prevent infections from entering and leaving bidirectionally.
Timely prevention is better than an actionist response
The COVID-19 analogy and threats to cyber security go even further. With zero trust methods you take that “Smears” demonstrate the tests, the isolation and the quarantine in real time before the infection enters the system and infects others. Since everything was pre-tested and pre-validated, there could be no asymptomatic carriers that secretly spread the infection.
The world is never safe and the “COVID 19 pandemic” is devastating. Olson: “It is hoped that companies and individuals in the cyber security world will not encounter such a scenario.” If it ever happened – which is quite possible “Then the least you could do to understand the risks would be better on them Prevention to be prepared and to react quickly to damage limitation “. It was now a matter of creating the conditions at all points “That managers take the right steps before a crisis hits unexpectedly”.
Further information on the topic:
datensicherheit.de, May 15, 2020
PIRATES: Criticism of reporting requirements for all people tested on COVID-19
–
