By Line T. Sieg December 20, 2023
Cybersecurity & the Domino effect
A cyberattack is rarely caused by one big thing, but more often a combination of many little things. We see it all the time in disaster documentary film, how even the tiniest little detail can start a chain reaction with devastating results. A chain reaction that could have been stopped if even just one of the Dominos in the line were missing.
Take documentary film about plane crashes for example. We know flying is safe, we know how high the security priority is. In the events of a crash, we hear of all the frustratedly many small errors and we are left wondering how so many things have been overlooked.
The truth is; that some of the things are not that serious or dangerous, if they were isolated events. So why spend time and money on fixing something that isn’t a problem (yet)? If you even notice the issue, that is! The danger comes when these little things line up in that all too familiar Domino line, just waiting for that one little push.
It is the same thing with cyberattacks. It’s rarely just one thing going wrong, but a whole Domino line of things. The good news? There are just as many places to strengthen and to make secure. It’s all about awareness! Let us have a look at an example, shall we?:
A phishing e-mail is sent to the inbox of an employee
Domino 1
There should be a spam filter on the e-mail inbox to stop the e-mail before it arrives… But there isn’t and the spam e-mail arrives in the inbox
Domino 2
Now the spam e-mail should be ignored, deleted, or reported by the receiver… But it isn’t and the employee opens the e-mail and the attachment
Domino 3
The infected attachment should be detected by anti-virus software… But it isn’t and the device is now infected without anyone knowing about it
Domino 4
The malware should be contained to this one device… But it isn’t and the network is open for the malware to spread
Domino 5
The spread of the malware should be contained at the employee’s security clearance level and not move up in the system to the core infrastructure… But the employee’s access has not been restricted and the malware has equally no restrictions to the whole IT infrastructure.
Each of these Dominos could and should have prevented the next one from falling to prevent further repercussions. Hindsight is always 20/20 as they say.
Notice how the Dominos contain both technical and human aspects, which means that the cybersecurity should address both. Now this is the whole point of the socio-technical aspect!
What measures have you taken to stop the domino effect in case of a cyberattack?