Bike welds, spray paint, and cybersecurity 

On the corner of Fort Lane and Gentile Street, beside an aging strip mall with a drugstore, a five-and-dime and a Safeway, was an empty lot—empty except for the yellow, knee-high grass typical of August summers in my hometown. The whole field smelled drier than a canvas sack of wheat; some days the heat of the sun by itself was enough to burn it up. And there, along the trail, my old Huffster soared, leaning and squeaking all the way, with dust flying from its deflated tires. 

My best friend Tracy and I had been stress-testing our pedal bikes. His was a sparkling red Schwinn with a white stripe down the side, chrome fenders and all; mine was a weary old street bike Santa had picked up at the five-and-dime. It had started as a blue-and-yellow Huffy road bike with a banana seat, and in 1984, vintage road bikes weren’t super cool. BMX bikes were cool. So my 1977 Huffy had been rattle-can painted flat white. It now sported an orange saddle seat from my brother’s discarded ten-speed. The tires were balding and weather cracked, not BMX dirt-track style—road style. It was a Franken-bike. And it had spent way too many frigid winters leaning against the side of our trailer house. 

The one thing my Franken-Huffy had going for it was its weight: not a lot of steel in my steed. It was a feather. (The Schwinn, in contrast, was a steel tank. It rode like a tank, and it jumped like . . . well, a tank. In that, and only that, Tracy was jealous of the Huffster.) But here amid the tall, drooping grass and stifling August air, the glory days of my cracked-tire, rattle-can abomination came to a sudden end.

Midway through the final jump of its dwindling life, the Huffster came unglued—not literally, but almost. The welds holding both tubes to the gooseneck released their grip, weakened by the cumulative stress of too many jumps and too much extreme weather. I landed on my feet in the dust, kicking up a cloud, which settled at last over the faded, white frame. Then I turned. The rusty handlebars, forks and front tire looked as they always had; the sad remains of the powertrain had collapsed. 

In 1984, the Huffster died. But the Internet was just emerging from its digital nursery. What Tracy and I could not have known then as we strolled sullenly from the yellow field (making a quick stop by the drugstore for a cold Coke) was just how the Internet would affect our world forty years later. Its users have been conditioned to think of computer and network security as the products of intentional design. Truth is, security’s an afterthought. It quite literally is not a requirement. The systems you think are baked into your shiny new laptop have actually been cobbled together and hastily bolted on, much like the structures of the Huffster. And the comfy reassurances and guarantees from its makers are little more than a superficial, flat-white veneer. 

We advocate not just for a single coat of illusory security paint, but for many solid layers, as well as a healthy dose of foundational stability. It’s called Defense in Depth. It means you have several layers of protection. And maybe more importantly, you use a dedicated security company like Cybereye in addition to your regular IT company. 

Several of our stalwart readers here in Cochise County have informed us that the knowledge they’ve received through this column has helped them to avoid being scammed. I can’t tell you how thrilled I am for that. We are very grateful to the Sierra Vista Herald for allowing us space to rant about cyber crime. You, our beloved readers, can help us. If you’ve found valuable information here, tell your friends to get the paper so they can benefit, too. (Quality cyber training rarely comes at such a low expense, after all.) Help us reach out to local businesses. The Cyber Guys have a cybersecurity consulting business (also insanely affordable) based in Cochise County. Essentially, we provide preventative treatment for the cancer of ransomware, as well as other kinds of malicious ware. But we need your help spreading the word.

Computer security is what holds our digital world together . . . until it doesn’t. But my poor Huffster with its ruined tires and unsteady, cobbled structure had little more than a film of white paint for reinforcement, and even knowing this, I abused it without a second thought. Don’t fall into that same trap. 

Layers of Defense Against the Plague

Plague. What an ugly word. So ugly, indeed, it is rarely used to depict anything less than apocalyptic. Now another word has unmasked our distant socializing. COVID-19.

My daughter (now living in distant Texas) told me over the phone she is SICK of COVID-19. Not with. Of. She came down with a cold last week and had to get a COVID-19 test. Just to be sure. She was livid. She threw her steel water bottle at the tile floor.

Your Immune System: I spoke to a friend in the medical field last week about how the COVID-19 vaccine works, and how our immune system uses it. He explained there are several layers of defense inside the body.

The Skin: The first layer of defense is the skin. It keeps most pathogens out of the body. Problem is, there are a couple of orifices through which a pathogen may enter. Primarily the nose and mouth.

Innate & Adaptive: Once inside there are two main systems involved in eradicating the threat. The “innate” and the “adaptive”. Newborn babies are immediately protected by the innate immune cells. Innate immune cells recognize “general” danger. The other system is the “adaptive” system. It’s the one that recognizes specific pathogens.

Going Deeper: There are sublayers of these two systems. Bone marrow, the spleen, the lymphatic system among others less well-known to the general public due to social distancing I’m sure. All are critical to our survival. If any of these additional layers malfunction, or cease to function, the results can be catastrophic.

Just Like Cyber Defense: By now you are wondering, this is all fine and good, but what does it have to do with computers? Let me explain. Our physiology uses two proven methodologies to protect us. Both of which are also applicable to computer, network, and information security. One is “Defense in Depth”, the other is “Zero Trust”. It’s kind of like this. Imagine if the only defense your body had against disease was your skin. How long do you think you’d survive?

Holes in Your Defense: Your skin is like the firewall of the body. You need it for sure. And it DOES keep out a lot of pathogens. But remember the two BIG weaknesses in that defensive layer of skin? You need to eat and breathe so you can’t close those ports. They have to remain open. And generally, that’s how pathogens get in and you get sick. In like manner, the firewall you use on your network has two gaping holes. One for internet, and one for email. And generally, that’s how malware gets in and you get ransomware.

Antibodies: Once inside your body, a virus is detected as foreign and immediately attacked. Then the antibodies build a memory so if that specific virus ever comes back, the time to eradication is significantly reduced. Your Immune system can also fight pathogens your body has never seen before. Anything that isn’t known by your body to be good is immediately attacked.

The Problem with Cyber Defense: Imagine if your body only eliminated those pathogens it KNEW were BAD. The human race would never survive. Unfortunately, this is EXACTLY the approach we’ve taken with computer and information security. The expensive firewall you have at the edge of your network is like your skin. Complete with two gaping holes for internet and email access. Holes through which the pathogens enter your network. You have antivirus too. But it only stops what it KNOWS is bad. What about all the bad it doesn’t know about? There’s the problem. Because there are over 100,000 new malware variants EVERY DAY. 100,000 new malware variants your antivirus knows NOTHING about, cannot detect, and will not stop.

AppLocker: Just like the human race would never survive with that approach to pathogens, networks succumb to ransomware and other malware every day. For that very reason. They only stop what they know is bad. Fortunately, there is a solution. It’s sitting in your operating system already. It will stop about 95% of all the new malware. Even if it’s never seen it before. It’s the adaptive immune system of your computer. On Windows it’s called AppLocker. But you have to enable it. It’s turned off by default.

Contact the CyberGuys from CyberEye about how to do that at no cost to you.
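One way to switch AppLocker on safely, as an added example that is not from the original column or from CyberEye: it builds allow rules from software already installed and applies them in audit-only mode, so nothing is blocked while you review what would be. The working folder `C:\AppLockerDemo` and the choice of trusted directories are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: turn AppLocker on in audit-only mode with allow rules for EXE files.
$work = 'C:\AppLockerDemo'   # hypothetical working folder (assumption)
New-Item -ItemType Directory -Path $work -Force | Out-Null

# Keep a copy of the current local policy so it can be restored later.
Get-AppLockerPolicy -Local -Xml | Out-File "$work\backup-policy.xml" -Encoding UTF8

# 1. Inventory executables in locations treated as trusted here (assumption)
#    and collect their publisher and hash information. This can take a while.
$trusted = $env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:windir |
    Where-Object { $_ }      # skip variables that are not set on this system
$files = foreach ($dir in $trusted) {
    Get-AppLockerFileInformation -Directory $dir -Recurse -FileType Exe `
        -ErrorAction SilentlyContinue
}

# 2. Generate allow rules: publisher rules for signed files, hash rules for
#    the rest. Anything matching no rule is denied by default once enforced.
[xml]$policy = $files |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Optimize -Xml

# 3. Audit first: log what would be blocked without blocking anything.
foreach ($rc in $policy.SelectNodes('//RuleCollection')) {
    $rc.SetAttribute('EnforcementMode', 'AuditOnly')
}
$policy.Save("$work\audit-policy.xml")

# 4. Apply as the local policy (replaces existing local rules; add -Merge to keep them).
Set-AppLockerPolicy -XmlPolicy "$work\audit-policy.xml"

# 5. AppLocker only evaluates rules while the Application Identity service runs.
sc.exe config appidsvc start= auto | Out-Null
Start-Service -Name AppIDSvc

# 6. Review: event 8003 = "was allowed to run but would have been blocked".
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'; Id = 8003
} -MaxEvents 50 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

Once the 8003 events list only software that should not run, change `EnforcementMode` from `AuditOnly` to `Enabled` in the saved XML and apply it again to start blocking.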

Defending the Castle of Gondor

The Defense: The brutal battle of the Pelennor Fields in The Lord of the Rings epic is instructive for cyber defense. Gandalf, the White Wizard, was charged with defending Minas Tirith, and the majestic Castle of Gondor. The castle was constructed with a series of concentric castle walls for protection. During the attack of Dark Lord Sauron’s minions, Gandalf tried to hold ground. Eventually, the first wall was breached, so Gandalf ordered his army back behind the next wall. The situation was bleak, but moving behind the next interior wall bought them time as they waited for Aragorn to come with reinforcements.

Cyber Defense: Cybersecurity for your organization is a lot like defending the Castle of Gondor. You need to slow down the attackers before they get to your critical assets. Protection in layers in the cyber world, much like that concentric castle, is called “defense in depth.” An article from Forcepoint (https://www.forcepoint.com/cyber-edu/defense-depth) defines it well: “Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.” With cyber DiD, like with the Castle of Gondor, if one set of defenses fails, there is another mechanism in place to impede the attack. Sometimes the cyber DiD is called the castle defense due to the parallels between cyber warfare and physical warfare.

Make It Tough: The goal of DiD is to slow down the attacker and get them to make “noise,” so they can be detected, and the user can get reinforcements.  Unlike Gondor, where the siege was quite obvious, cyber-attacks can go undetected for weeks and even months.  This is where your cyber-layered defenses can help to slow the attacks down and make some noise.

Controls: We discussed controls last week.  A control is an action, a device, a procedure, or a technique that removes or reduces a vulnerability. Controls, when used in depth, can make severe vulnerabilities hard for attackers to take advantage of, or exploit.

One Is Not Enough: In the cyber world, there is no single control that can successfully protect against every single type of attack. For your network, the expensive firewall is not going to stop everything, nor will the next-generation anti-virus. You need to have a layered cyber strategy that includes preventive, detective, and deceptive controls to protect your network.

Layered Defenses: A layered defense would start with the basics of firewalls and anti-virus/anti-malware, but it might also include an intrusion prevention system, end-point detection, centralized monitoring, encryption, web application firewalls, and access control lists, to name a few.  Besides these technical controls, you can also add procedural and policy controls – a set of rules to follow, and the proper way of doing things.  In addition, you can work on human security by adding cybersecurity training to your layered defense.  Human security is critical, as all the leading-edge technology is helpless if the end user provides the hacker the keys to the kingdom. 

Held Out Long Enough: Aragorn brought the Army of the Dead to save Minas Tirith from Sauron’s army. When it came to their defense-in-depth strategy, the sum of the protective layers was much greater than what was offered by each individual component. Just like the Castle of Gondor, your cyber defense needs overlapping and redundant defenses.  If the attackers make enough noise, you may have time to get reinforcements in place.