Hi All. Everyone is alert and watching for the Corona Virus, and many nations are evacuating their citizens from China. What parallels can we learn from a cyber security context from this developing situation?
What better way to spread the virus than to unleash it so that it infects people, then spread panic so people start leaving, taking the virus with them and thereby increases the spread of the virus?
@CISOScottI agree, it could have been handled far better than it has. Isolating China in a deeply distributed, highly connected world may work on people. But the bad timing of the Chinese New Year propagated the infection and possibly this has caused it to grow in epidemic proportions within a few days. But would it work on a malicious infection, borne by technology, which also took out critical infrastructure, utilities - each an every company/organisation would literally been on their own.
Could they have applied resilience techniques in preparation for such events?
To take an example the Citrix issue at the moment, was literally a zero day in our world, and many people were caught out, because the perpetrator managed to sneak into many organisations, leave their tool kit in preparation for a later time and then left. Organisations have been closing the backdoor the perpetrator used originally, and now the organisations themselves are going through costly investigations forensically to work out the how, what, when and where issues, which is ongoing.
@rslade I have to agree with you, and the Apple Mac issue came home to me last week - nothing is 100% secure, having had to go through a period of 24 hours myself resulting in a total re-image due to a cascade of issues - which started out with not being able to remotely connect. There were other indicators, which were only discovered going through the recovery phase and no it was not compromised, more software fatigued I believe over time - and badly needing a refresh to clean out the re-occurring problems.
Your analogies are brilliantly articulated. I am sure there other parallels which will come of this too, I am sure we can think of many more.
First thing to come to my mind was the old adage that, 'People are our greatest asset as well as our greatest liability.
Not only that but if you watch how people move about you will see similar patterns to, at least old, PC virii moving from machine to machine back in the 'sneakernet' days. No real difference there, people will avoid risk by dispersing from apparent danger, taking new risks with them regardless of said risk to others.