Cyber Security - Build a Wall or Give Permission
You are the Boston Red Sox organization and are ready to post online tickets for the end of season series with the New York Yankees. You do not want all the tickets purchased by scalpers and Russian hackers using an automated phishing attack to buy the tickets before Boston and Yankees fans can purchase them. Anyone walking up to Fenway Park in Boston on game day knows scalpers are buying tickets and reselling them at a premium. If you are the Red Sox organization, how do you prevent massive high speed ticket purchases by criminal hackers?
My article You Have Been Hacked, Now What outlines what a CEO and corporate board can do to prepare for and deal with inevitable cyber security breaches. Building a strong wall around your most valuable software, financial, and IP assets is a core element of a cyber security strategy.
I recently toured the Akamai Technology headquarters in Cambridge, MA, and heard their approach to what they call an “edge strategy” of cyber defense. Instead of a close in defense of core assets, Akamai is looking at the pattern of connections to your system. From their analysis of the characteristics of the attacker, they quickly decide whether to block the connection or permit it to go through.
If I want to go to the Red Sox/Yankee game, I get on my computer and go to the Red Sox ticket site. I use my mouse to select the game and the seat I want, and I enter my credit card info. I click, and the purchase is made. A hacker in Russia can set up a program to move the mouse around the ticket site. The mouse clicks on the seats and buys the ticket just as I have done except that 1,000 tickets would be purchased in a second. If the Red Sox server is on the Akamai system, the pattern of mouse movements is also monitored and not just the clicks of the mouse. My mouse movements will look like a kid’s Etch A Sketch drawing. The automated hack will be neat short lines. When the automated mouse pattern is detected, the connection is terminated.
Cyber security is a complex problem. And most cyber breaches are enabled inside the company usually unintentionally. The technology of both the hackers and the defenses is advancing so rapidly that the concept of cyber defense appropriate for your company should be under continuous review. According to Dr. Liz Borowski, VP, Platform Engineering at Akamai, some companies have reduced their reliance on cyber walls with fairly open access inside the wall. Instead they give each employee specific and limited access only to systems and data required for their job.
I also met Dr. Abel Sanchez during the tour. He is the director of MIT’s Geospatial Data Center. He related MIT’s tradition as an open system, seeing itself as a community of knowledge to be shared with everyone; a philosophy it extended from its physical footprint to its presence on the internet.
Recently, a cyber monitoring system was connected to the MIT network. The university leadership was given a visual display of attacks on MIT from across the globe over a twenty-four hour period. Thousands of cyber attacks hit the school’s network from every country in the world, with the exception of three. The only countries not attacking MIT were the South Pole, the Vatican, and North Korea. And North Korea goes through Chinese servers. MIT has installed an opt-in cyber defense platform after understanding the magnitude of attacks against the school and its resources.
Cyber security is not an IT problem. Risk management and protection of company assets and market value is the responsibility of the most senior leadership of the firm.
Winter in New England
We associate winter with snow and cold. And we have certainly had the cold. I like visiting New Hampshire and Vermont as a photographer because the snow covered ground helps me see precious elements of a scene that I might miss in the cluttered vision of summer.
The fields of VT were covered by two feet of snow. The weathered barn window called to me for attention.
