Catching Wild Pigs

How to Catch a Wild Pig: You catch wild pigs by finding a suitable place in the woods and putting corn on the ground. The pigs find it and begin to come every day to eat the free corn. When they are used to coming every day, you put a fence down on one side of the place where they gather. When they are comfortable with the fence, they begin to eat the corn again, and you put up another side of the fence. They become oblivious to that, and they start to eat again.

Continue until you have all four sides of the fence put up with a gate in the last side. The pigs, habitually coming to eat the free corn, enter through the gate to eat; you slam the gate on them and catch the whole herd. Suddenly the wild pigs have lost their freedom. They run around and around inside the fence, but they are caught.

It Happens to Us: Is this a ranching piece or the Cyber Tripwire?  There is a parallel to the wild pig parable and what is known as “cybersecurity fatigue.”   According to the National Institute of Standards & Technology, security fatigue is “a weariness or reluctance to deal with computer security.”  When asked to make more computer security decisions than they are able to manage, people tend to experience decision fatigue, which leads to security fatigue. Every day, people on their computers are being asked to make a multitude of cybersecurity decisions:  “What’s the password for this site?”  “ Should I open this email?”   “Is it OK to click this link?”   

Collaboration Tools: Due to the pandemic, more people are working remotely, leading to the skyrocketing usage of collaboration tools, like Discord, Teams, and Slack.   The users who are collaborating, sharing links, and sending files, lack the concern of whether the link is legitimate or if the file has embedded malware.  (Was that a fence that just went up? Nothing to see here—it’s normal.)    We’ve been lulled into thinking that we can disregard security concerns for these collaboration tools.

Hackers Take Over: Recently Talos, Cisco’s cyber intelligence division, wrote an article about how hackers are using collaboration tools to evade organizational defenses.  The hackers improperly use the legitimate collaboration tool, which is not blocked, to distribute their malware. This happens because many of the security perimeter controls existing on email or web browsers are not in effect with these collaboration tools; thus, hackers prey upon employees’ cybersecurity fatigue. This fatigue works in the hackers’ favor because users are accustomed to passing information such as links and files through these chat tools thinking they are secure.  (What’s that fence doing there? It’s all normal—nothing to see here.)

Your Counter Measures: Organizations should take measures to combat this, like whitelisting applications and employing endpoint detection.  “Least privilege” should be employed, meaning regular users are not running as administrators.  Remember:  If you click on a malicious link as administrator, now that malware becomes the administrator of your system.  Micro-training, another option for better cybersecurity for your employees, consists of weekly three-minute videos sent via email to keep the protection of your business in the top of their minds.

Pay Attention: Be careful while using your organization’s collaboration tools.  Treat files and links in those tools just like you would in emails.  Stay alert.  That way, when you are happily eating your free corn in the field, and the next day there is a peculiar-looking fence, you’ll know it’s time to run!