Reading through the latest edition of Dilbert’s adventures in office politics, I find myself wondering whether Scott Adams, the comic strip’s creator, ever worked in IT. He seems to have a keen understanding of how IT issues manifest themselves in the workplace.
In a comic strip I read recently, Dilbert’s Pointy-Haired Boss finds a thumb drive on the sidewalk and, instead of simply discarding it, he goes back to his office computer and inserts the drive to see if he can use it. He may have found a new thumb drive, but he has also unwittingly released an Elbonian computer virus onto his organization’s network.
The cartoon made me chuckle, but IT professionals recognize that there’s more than a grain of truth beneath the surface of Adams’ humor. Two elements of the comic strip strike me as especially relevant to the modern IT environment: the thumb drive and the Elbonian hackers.
A “misplaced” thumb drive is a useful tool in the hands of an attacker seeking to bypass an organization’s perimeter defenses. I work with white hat security testers who use this trick successfully in many of their engagements. They will simply place a handful of inexpensive, large-capacity drives around the workplace; inevitably, someone will plug one into their work computer. Whether they’re doing so to rummage around for interesting contents or, like Dilbert’s boss, simply to get a free thumb drive, the result is the same. Unbeknownst to the user, the thumb drive installs malware on the system that begins crawling the internal network.
The Elbonian hackers also have real-world parallels. We’ve seen the sophistication of attacks grow over time, but most hackers aren’t actually that sophisticated. They simply repurpose tools built by others to attack their targets. In fact, hacker tools often generate profits for their developers, and some even have full-fledged customer support efforts.
Defending Dilbert’s Network
Dilbert and his team find themselves facing the unenviable task of defending their network against an unwitting attack from within. One of the best ways they can do this is to take advantage of cloud-based security tools.
These tools are especially important in an environment where attacks become more dangerous by the day. You can no longer rely on single-purpose tools with outdated mechanisms of action. You also need to remember that your users are not just on your network. They access your resources from all over the world.