Layers of Defense Against the Plague

Plague. What an ugly word. So ugly, indeed, it is rarely used to depict anything less than apocalyptic. Now another word has unmasked our distant socializing. COVID-19.

My daughter (now living in distant Texas) told me over the phone she is SICK of COVID-19. Not with. Of. She came down with a cold last week and had to get a COVID-19 test. Just to be sure. She was livid. She threw her steel water bottle at the tile floor.

Your Immune System: I spoke to a friend in the medical field last week about how the COVID-19 vaccine works, and how our immune system uses it. He explained there are several layers of defense inside the body.

The Skin: The first layer of defense is the skin. It keeps most pathogens out of the body. Problem is, there are a couple of orifices through which a pathogen may enter. Primarily the nose and mouth.

Innate & Adaptive: Once inside there are two main systems involved in eradicating the threat. The “innate” and the
“adaptive”. Newborn babies are immediately protected by the innate immune cells. Innate immune cells recognize “general” danger. The other system is the “adaptive” system. It’s the one that recognizes specific pathogens.

Going Deeper: There are sublayers of these two systems. Bone marrow, the spleen, the lymphatic system among others less well-known to the general public due to social distancing I’m sure. All are critical to our survival. If any of these additional layers malfunction, or cease to function, the results can be catastrophic.

Just Like Cyber Defense: By now you are wondering, this is all fine and good, but what does it have to do with computers? Let me explain. Our physiology uses two proven methodologies to protect us. Both of which are also applicable to computer, network, and information security. One is “Defense in Depth”, the other is “Zero Trust”. It’s kind of like this. Imagine if the only defense your body had against disease was your skin. How long do you think you’d survive?

Holes in Your Defense: Your skin is like the firewall of the body. You need it for sure. And it DOES keep out a lot of pathogens. But remember the two BIG weaknesses in that defensive layer of skin? You need to eat and breathe so you can’t close those ports. They have to remain open. And generally, that’s how pathogens get in and you get sick. In like manner, the firewall you use on your network has two gaping holes. One for internet, and one for email. And generally, that’s how malware gets in and you get ransomware.

Antibodies: Once inside your body, a virus is detected as foreign and immediately attacked. Then the antibodies build a memory so if that specific virus ever comes back, the time to eradication is significantly reduced. Your Immune system can also fight pathogens your body has never seen before. Anything that isn’t known by your body to be good is immediately attacked.

The Problem with Cyber Defense: Imagine if your body only eliminated those pathogens it KNEW was BAD. The human race would never survive. Unfortunately, this is EXACTLY the approach we’ve taken with computer and information security. The expensive firewall you have at the edge of your network is like your skin. Complete with two gaping holes for internet and email access. Holes through which the pathogens enter your network. You have antivirus too. But it only stops what it KNOWS is bad. What about all the bad it doesn’t know about? There’s the problem. Because there are over 100,000 new malware variants EVERY DAY. 100,000 new malware variants your antivirus knows NOTHING about, cannot detect, and will not stop.

AppLocker: Just like the human race would never survive with that approach to pathogens, networks succumb to ransomware and other malware every day. For that very reason. They only stop what they know is bad. Fortunately, there is a solution. It’s sitting in your operating system already. It will stop about 95% of all the new malware. Even if it’s never seen it before. It’s the adaptive immune system of your computer. On Windows it’s called AppLocker. But you have to enable it. It’s turned off by default.

Contact the CyberGuys from CyberEye about how to do that at no cost to you.

The Flight of the Auk

Adaptability: One of the fundamentals of survival is the ability to adapt quickly to a changing landscape.

In June 1844, the last Great Auk was killed, ironically, so it could nest permanently in a dusty museum.

Akin to the Dodo: The Great Auk was a helpless, hapless, flightless bird that bred in colonies on some rocky islands in the North Atlantic. You may never have heard of it. Perhaps, because the sly insult “strong as an Auk” doesn’t sting like “cunning as a Dodo”, and “Auk”, could be linguistically confused with “Ox”.

What Is It: The Great Auk is similar to a penguin: flightless and helpless. Why aren’t the penguins extinct, too? They live in Antarctica. People haven’t gone there in great numbers. For the Auk, they lived on an island used by sailors as a pantry for restocking supplies, like bird meat. Antarctica isn’t somewhere people regularly frequent for the same purpose. It’s inconvenient, and inconvenience to humans may have saved the penguin.

Extinction: Whether Dodo, Great Auk, or Wooly Mammoth, the end was the same—extinction. Extinction due a cataclysmic collision of unfortunate events. The animals had developed defenses ideal for the geographic bubble in which they lived which was a specific geographic ecosystem.  Suddenly their bubbles popped. The conditions changed. Their serene world careened into the 19th century, and they lost. They lost because of an inability to adapt.

We Adapt: Humans are different. We don’t adapt to suit our environment. We adapt our environment to suit ourselves. This is our axiom. Now, whether this application of adaptation is a moral one, is not the purpose of this discussion.

Change to Survive: Situations and environments change. Those who most nimbly adapt will survive. The others will not. For a case study, look at Sears. They OWNED the mail-order business. Then came Jeff Bezos in his tiny garage selling books—over the internet. No threat there. Until it was one. It was too late for Sears. Sears SHOULD HAVE owned the online mail-order business. The same way they owned the magazine mail-order world. Like the Great Auk, they failed to recognize a threat. With their ineffective wings and clunky feet, Sears bumbled into the 21st century, failing to adapt quickly when the environment changed.

The Trouble of Inconvenience: For Sears to change its business model would have been inconvenient. People don’t like inconvenience. We develop a bubble of comfortable systems and familiar procedures. We actively reject anything that may disrupt the playful bubble of familiarity.

Hard for the Bad Guys: As defenders of our world, we can use this natural human aversion to personal inconvenience to our advantage. If we make it sufficiently inconvenient for a cyber-criminal to successfully attack us, it may demotivate them and cause them to seek a softer target.

Contact CyberEye – They Know: Unfortunately, this article doesn’t provide the space to list everything you can do to introduce inconvenience into your cyber defense plan. Feel free to contact the Cyber Guys from CyberEye for details.

Recognize the Threat: Both the 19th century Great Auk and the 20th century Great Sears, didn’t recognize the threat early enough. At best, the great Auk could have changed breeding sites to a less convenient location, then decrease the frequency of human interaction. Sears could have bought Amazon’s business model for a few thousand dollars and adapted to it.

Make Adjustments: In 2021, if your business survives the tragedy of COVID, the most likely cause for failure will be a lack of flexibility in your business processes. There is a cyclone of cyber-criminal activity on the near horizon. There are threats we’ve never even considered about to drop anchor just offshore.  Sadly, change is the axiom of the cyber-threat landscape.