Posted by: Greg Ness | October 6, 2019

The Digital Age Maginot Line as Foreseen by Mel Brooks

Blazing Saddles tollbooth

Attack Vectors in the… Trillions?

The growing attack surface of the new industry 4.0 internet is a big problem. On this everyone agrees. But underneath the headlines and the frequent “patch now” warnings from firewall vendors is a more ominous reality few are talking about: the exponential vector problem.

Yes the attack surface is huge and growing. 127 new devices per second are being connected to the internet, many of them insecure by design, creating a global hacker’s superhighway. Got that. I discussed this in more detail in The Digital Cyber Security Paradox:

In 5 years there will be 75 billion devices connected to the internet, perhaps a few billion insecure and unpatchable.  An estimated 2 billion run VxWorks and perhaps a couple hundred million of those will not be patched in any reasonable length of time. – Archimedius

[Here is a great collection of IoT connectivity and market size stats from Cisco, Gartner, etc. on various aspects of the Saganesque “billions and billions” IoT estimates.]

OOPS- We’ve Gone Global

While everyone is focused on the massive, unprecedented growth in the IoT attack surface, the bigger problem is the exponential increase in attack vectors. This quiet reality is buried deep inside the WannaCry/NotPetya “oops- we’ve gone global” cyber attack. Remember when IIoT targets in Ukraine were unintended back doors into the UK health system, Maersk and FedEx? “Exponentially increasing attack vectors” is the hidden byline underneath our growing digital age cyber security malaise.

 The Maginot Line, when lateral movement trumped massive security investments.

Based on France’s experience with trench warfare during World War I, the massive Maginot_Line_1944Maginot Line was built in the run-up to World War II… French military experts extolled the Line as a work of genius… The line has since become a metaphor for expensive efforts that offer a false sense of security.”– Wikipedia

The Maginot Line was built based on the assumption that the next French war would be fought based on the technology of the last one. When the Germans quickly and easily conquered France, they did it by simply going around it.

Most firewalls deployed today were architected in the 1990s…. when there was only one way into a network. Today there are trillions of attack vectors and growing.

Old Architectures versus New Realities

Deploy a firewall in front of each device?  That would bankrupt most organizations. That is, if they could find enough skilled security pros to manage them. The new digital era problem: how old architectures address new realities. It’s complicated… and expensive… just like the Maginot Line.

A few weeks ago this came up on an episode of theCUBE, recorded after Gabe Lowy published his thought-provoking paper: Securing Critical Infrastructure Against Cyberattack. I mentioned how “we don’t even have the semblance of a Maginot Line when it comes to IIoT infrastructures. And these infrastructures offer access to critical systems in factories, hospitals, cruise ships and even power and water stations.

An Important Realization

At the close of IIoT and Cybersecurity: Apocalypse Now or Later John calls the IIoT  problem “one of the most important stories in the tech industry in a long, long time…” He’s right.

Perhaps Mel Brooks saw this futile digital age scenario coming decades ago. Imagine a toll booth sign saying “’Zero Trust’ courtesy of your firewall vendor.” Now that’s comedy, or at least tragicomedy.

 

See You at Torrey Pines!

On October 10 I’ll be discussing this problem further at Future in Review with Anne Hardy, Steve Fey and Derek Harp. I hope to post the panel video here in a few weeks.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Categories

%d bloggers like this: