Big Bad Wolves Blowin’ Down Some Nasty Ransomware on Yo House

Lately I’ve been having fond memories of gently tucking my kids in bed.  Gosh, time passes quickly.  For me, bedtime stories were a theatrical production.  I amped up a couple of the stories my dad used to tell, and I leaned on a couple of the tried’n’true.

 

One of my kids’ favorites was my rendition of “The Three Little Pigs”…  Piggies dancin’ away without a care as Mom & Dad waved goodbye and “set them off to seek their fortune”…  Animated negotiations for a wheelbarrow of straw…  Huffs & puffs that would make the WWE proud…  Explosions…  Long whistling noises as the wolf came crashing into the pot of boiling water…  The joyous celebration as the three brothers were reunited.  (Yeah, yeah, I know.  I’m the worst kind of sexist.  Deal with it!)

 

In my mind, everything seems to tie back to InfoSec these days. 

 

And since every corporate executive’s light bulb has gone off and they’re coming to us with astonished looks on their faces saying, “Did you know that Nigerian princes can encrypt our data and hold us ransom!?!”

 

So what can we learn from the pigs?  First, please allow me introduce our cast of characters.

“Russell” bought the straw.
“Rod” built the house of sticks & twigs.
The brick house?  Well, he’s just “Brick”.

 

Russell was the wolf’s first target.  It’s no wonder.  Wolves aren’t stupid. They might be sinister & uncaring, but not stupid.  They go after the easy pickin’s, especially when it comes to bacon.  (Click that link and you’ll read the rest of this in a Jim Gaffigan voice.)  Obvious lesson.  Build your firewall & endpoints of brick.  Wolves look for straw.  If you’re not implementing Cylance, Malwarebytes or something comparable on the endpoint, then you’re straw.  Easy pickin’s.  BACON!

 

In my version of the story, the wolf always had to blow harder to get Rod’s house to fall.

 

My straw salesman tried to warn Russell that straw houses weren’t a really good idea.  How does this apply to you?  The “Russell’s” heading up your organization had their head in the sand.  But with ransomware on the front page of both the Huffington Post & Drudge Report, the light bulbs are going off.  And here they come, holding out wads of cash pleading that you “MUST… BUY… BRICKS… NOW!”  It’s our job to help them realize that simply replacing straw with bricks isn’t all we have to do.

 

Rod pretty much had the same line of thinking as Russell.  Brick?  Learn to think like a wolf.

 

When the wolf finally made it to Brick’s home, and failed at blowing the house down, he was patient & calculating, always looking for another way in.  Build multiple tiers of defense.  Sure, that sandbox guarding your email & firewall is like a brick wall.  But that doesn’t mean you can rest easy on the devices themselves.

 

Brick built defenses inside that were better than the walls he had built.  We can’t under estimate how important that is to the outcome of the story!  Brick knew the wolf would, sooner or later, find a way in.  So he was ready.  He didn’t give the wolf any time to move around once he came down the chimney.  He knew as soon as the wolf got the ladder what was coming next.

 

If you’ve been reading this blog, you know new technologies are available that detect insider bad behaviors & lateral movement – almost immediately.  Two game-changing technologies that InterWorks has evaluated and ended up at the top of our list are Vectra & PreLert.

 

I ended my “Three Little Pigs” in different ways for my kids.  Sometimes, Brick was reunited with his brothers.  (Miraculously!)  Other times, Brick had his own victory celebration.  But in the end, my children went to bed with happy thoughts and knowing that the world was safe and good.  And that’s what I wish for you…

Be safe.  Be secure.  Be good.

 

 

I could really use your help!  We’re debating whether we should make this into a presentation.  Got other ideas about how we can relate InfoSec to “The Three Little Pigs”?   Give us a call or email us… sales@iworkstech.com

Leave a Comment