What ‘Nightingale Floors’ From Historical Japan Can Teach Us About Intrusion Suppression


Multinational corporations are under siege from a multiplicity of threat actors. The cyber arms bazaar that flourishes around the world has allowed criminals and nations to wage long-term campaigns against corporations and government agencies. These cyber criminals stalk businesses and consumers from the fog of the dark web. Evidence suggests that the dark web has become an economy of scale wherein the cyber-crime syndicates have begun to target the inter-dependencies of our networks. 2018 has ushered in a foreboding era of digital colonization of American cyberspace.

As the cyber criminal community burrows into our networks, we must appreciate that after the initial theft of data they tend to hibernate. This hibernation allows for secondary schemes of monetization. Some of these criminal endeavors include reverse business email compromise against your customers, watering-hole attacks, and island hopping.

A recent study conducted by Carbon Black, “Modern Bank Heists,” surveyed financial institutions. The study noted that 44% of respondents were very concerned with the security of their technical service providers and anticipated “attempted” island hopping to occur in the coming months.

Cyber criminals realize that there is implicit trust in your brand. This trust can and will be exploited. The modus operandi of cyber criminals has been modernized, and thus we should allow their offense to inform our defense. A strategy of intrusion suppression must be enacted. Intrusion suppression is defined as the detection, diversion via deception, containment and hunt of a cyber adversary in a clandestine fashion.

Historically, the first manifestation of intrusion suppression occurred in feudal Japan in 1185. Floors were designed to make a chirping sound when walked upon. These floors were used in the hallways of some temples and palaces, the most famous being Nijo Castle in Kyoto, Japan. They were built so that the floor nails rubbed against a clamp, causing chirping noises. This tactic was deployed to thwart ninjas from assassinating feudal lords as they slept. Once awoken by the “Nightingale floors,” the “intended” victim would toss makibishi along the walkway. The makibishi would puncture and then poison the slippered feet of attackers.

In 2018, CIOs must enhance the scope and diligence of their supply-chain security assessment. First, security strategies must encompass more than technology vendors. Law firms and marketing firms should be included in all annual security assessments. Second, any merger or acquisition must include a “hunt,” e.g., a compromise assessment. Such a compromise assessment should include a penetration test from within your network to the outside world. Finally, service level agreements (SLAs) must be modernized to mitigate cyber crime and cyber espionage. Therefore, the rigor of the security controls required must encompass elements of intrusion suppression like the proactive use of hunt teams, iron boxing and deception grids.

Managing cyber exposures to your supply chain is a function of conducting business in 2018. Beyond mere compliance with existing standards, corporations must protect their brand before it is hijacked. Supply chain risk management requires an architectural paradigm shift. 

Modernizing defense-in-depth will allow an organization to thwart the burgeoning digital invasion. It is imperative that we reevaluate all vendor relationships and institute increased safeguards and oversight, as information supply chain risk is here to stay. Cybersecurity investment mitigates third-party risk. Those companies that embrace brand protection as a function of comparative advantage will remain the titans of industry.

The post What ‘Nightingale Floors’ From Historical Japan Can Teach Us About Intrusion Suppression appeared first on Carbon Black.
