What ‘Nightingale Floors’ From Historical Japan Can Teach Us About Intrusion Suppression

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Multinational corporations are under siege from a multiplicity of threat actors. The cyber arms bazaar that flourishes around the world has allowed for criminals and nations to wage long-term campaigns against corporations and government agencies. These cyber criminals stalk businesses and consumers from the fog of the dark web. Evidence suggests that the dark web has become an economy of scale wherein the cyber-crime syndicates have begun to target the inter-dependencies of our networks. 2018 has ushered in a foreboding era of digital colonization of American cyberspace. 

As the cyber criminal community burrows into our networks we must appreciate that after the initial theft of data they tend to hibernate. This hibernation allows for secondary schemes of monetization. Some of these criminal endeavors include reverse business email compromise against your customers, wateringhole attacks, and island hopping.   

A recent study, conducted by Carbon Black, surveyed financial institutions per “Modern Bank Heists.” The study noted that 44% of respondents were very concerned with the security of their technical service providers and anticipated “attempted” island hoping to occur in the coming months. 

Cyber criminals realize that there is implicit trust in your brand. This trust can and will be exploited. The modus operandi of cyber criminals has been modernized and thus we should allow their offense to inform our defense. A strategy of intrusion suppression must be enacted.  Intrusion suppression is defined as the detection, diversion via deception, containment and hunt of a cyber adversary in a clandestine fashion. 

Historically, the first manifestation of intrusion suppression occurred in feudal Japan in 1185. Floors were designed to make a chirping sound when walked upon. These floors were used in the hallways of some temples and palaces, the most famous being Nijo Castle in KyotoJapan. These floors were designed so that the floors nails rubbed against a clamp, causing chirping noises. This tactic was deployed to thwart ninjas from assassinating feudal lords as they slept. Once awoken to the “Nightingale floors” the “intended” victim would toss makibishi, along the walkway.  The makibishi would puncture and then poison the slippered feet of  attackers. 

In 2018, CIOs must enhance the scope and diligence of their supply-chain security assessment. First, security strategies must encompass more than technology vendors. Law firms and marketing firms should be included in all annual security assessments. Second, any merger or acquisition must include a “hunt” e.g. compromise assessment. Such a compromise assessment should include a penetration test from within your network to the outside world. Finally, service level agreements (SLAs) must be modernized to mitigate the cyber crime and cyber espionage.  Therefore, the rigor of the security controls required must encompass elements of intrusion suppression like the proactive use of hunt teams, iron boxing  and deception grids.

Managing cyber exposures to your supply chain is a function of conducting business in 2018. Beyond mere compliance with existing standards, corporations must protect their brand before it is hijacked. Supply chain risk management requires an architectural paradigm shift. 

Modernizing defense-in-depth will allow an organization to thwart the burgeoning digital invasion. It is imperative that we reevaluate all vendor relationships and institute increased safeguards and oversight as information supply chain risk is here to stay. Cybersecurity investment mitigates third-party risk. Those companies who embrace brand protection as a function of comparative advantage will remain the titans of industry.

The post What ‘Nightingale Floors’ From Historical Japan Can Teach Us About Intrusion Suppression appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?