Cyber Security: Cyber Security Vendors May Have Missed a Scenario
July 21, 2021
I read a somewhat routine write up called “Work from Home Fueling Cyberattacks, Says Global Financial Watchdog.” The word watchdog scares me away. In the post SolarWinds’ era, where were those watchdogs? Come to think about it, “Where were the super smart, predictive threat intelligence systems?” I suppose even watchdogs have to catch some ZZZZs.
The article contained, in my opinion, a comment of exceptional perspicacity. Here it is:
“Most cyber frameworks did not envisage a scenario of near-universal remote working and the exploitation of such a situation by cyber threat actors,” the FSB said in a report to G20 ministers and central banks.
This is not napping. Nope. Missing a scenario makes it clear that cyber security vendors did not think through what would happen if their systems had to deal with off site working at scale. As a result, the systems probably are a-okay when monitoring a tire dealer’s computer system in Akron, Ohio. But in the work from home environment, the threat system was napping. I envision an ever vigilant junk yard dog with flashy icons on its spiked collar. Unfortunately the junk yard dog is chained to a rusting 1975 CJ7 and not on the prowl in the junk yard proper.
Net net: The defense mechanism keeps that old Jeep secure but the bad actors can haul off whatever auto parts of interest. There may be a couple of overlooked catalytic converters amidst the wreckage.
Stephen E Arnold, July 21, 2021