Sun Tzu's Art of Cyberwar

Uploaded on 2017-06-15 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

An ancient Chinese military treatise from the 5th century BC, The Art of War by Sun Tzu, is considered a definitive work on military strategy and tactics. Through the ages, military leaders have been inspired by it, even to this day.

Beyond the military, its advice on how to outsmart opponents has been applied to various competitive fields from business to sports. Increasingly, as warfare moves from the battlefield to the realm of cyber-space, its principles are being seen as especially applicable to cybersecurity.

Despite being written thousands of years ago, these classic defense strategies are undoubtedly still relevant, for the modern defender of IT infrastructure. The principles of Sun Tzu are not only relevant to defense, but also for understanding the approach of attackers.

Know the Enemy and Know Yourself

One of the most often quoted Sun Tzu quotes has enduring resonance for many situations in life, including cyber-security. To understand how a hacker is likely to operate, we must first understand their motivations and what they are trying to achieve. When we know what assets they are likely to target, we can better focus on effectively protecting them.

To be properly prepared for cyber-incidents, we must also have a clear understanding of our own business and infrastructure, where is our data held? What software are we running? Is everything patched and maintained? What’s more, is the proper training in place for staff? Attackers will always ‘strike at what is weak,’ and employees are often the weakest link in the security chain.

All Warfare is Based on Deception

Many of the methods used by attackers are based on deception, whether that’s phishing, spear phishing, whaling or social engineering. Often used to trick unsuspecting employees into engaging with malicious attachments or links, phishing attacks are becoming increasingly sophisticated, with hackers now tricking employees by posing as more senior members of staff and even CEOs, requesting funds to be transferred.

Recent ISACA research has found that 1 in 5 UK office workers have fallen prey to phishing scams, while over half said their employer has not provided any cyber-security awareness training. Employee training and awareness is key to limiting the risk of deception by malicious attackers, and as the above example demonstrates, this training needs to be rolled out to the most senior staff, too.

Attack him where he is Unprepared… 

Appear where you are Unexpected

While employees can be a weak link in the chain, they are not the only route inside an organisation. It’s important to remember that attackers will also have been trained to know their enemy and, in preparation for an attack, will have done their homework on all possible routes and weaknesses. Organisations should therefore consider all avenues of access and what vulnerabilities they might have.

Fortunately, with exercises such as penetration testing, organisations are now able to assess their own security before a hacker does. Through this exercise, organizations can not only scan their systems for vulnerabilities, they can also test employee knowledge and awareness by simulating a real-world attack scenario.

Just as Water retains no Constant Shape…  

In Warfare there are no Constant Conditions

Attackers are agile, so organisations need to be as well. As organizations become wise to traditional attack methods, hackers will only develop new ones in a constant arms race for supremacy.

At the same time, businesses are continually evolving and adapting, whether that’s upgrading systems, introducing new technologies or changing business models. Businesses should be mindful that all of this change can introduce new cyber security risks, or remove old ones. One of the best ways to be prepared is to keep up to date with the latest best practice frameworks for enterprise IT, such as COBIT 5.

In the Midst of Chaos there is also Opportunity 

When it comes to cyber-security breaches, the rule is always ‘when,’ not ‘if.’ When breaches occur, organisations should focus on the lessons they can learn and improvements they can make as a result. The root cause should be identified and changes should be swiftly implemented to address this, with the lessons learned shared with all relevant staff.

Suffering a breach can provide the opportunity to reflect and revisit the strategies organisations have in place. Why not apply strategies that have been tried and tested over millennia? As Sun Tzu says, “The opportunity to secure ourselves against defeat lies in our own hands”.

Info-Security

You Might Also Read:

Russian General Brags About Cyberwar Successes:

Fighting The Invisible War In CyberSpace:

 

 

« Hackers Hit Russian Bank Customers
WannaCry Was Not A Phishing Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Mako Group

Mako Group

The Mako Group specializes in protection - providing security through auditing, testing, and assessments. And, we do it all with the highest quality standards possible.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

KZ-CERT

KZ-CERT

KZ-CERT is the national Computer Emergency Response Team for Kazakhstan.

European Network for Cyber Security (ENCS)

European Network for Cyber Security (ENCS)

ENCS’s core focus is around educating and solving cyber security challenges in the development and operation of energy grids across Europe.

Veriato

Veriato

Veriato develops intelligent solutions that provide companies with visibility into the human behaviors and activities occurring within their network, making them more secure and productive.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Nexis

Nexis

Nexis GmbH is a German IT security company specializing in IAM, access control, and risk management.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Rimini Street

Rimini Street

Rimini Street is a global provider of enterprise software support products and services, and the leading third-party support provider for Oracle and SAP software products.

Druva

Druva

Druva is the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10m guarantee.

inSOC

inSOC

inSOC is an enterprise-grade AI-driven SOCaaS solution detecting breaches 24/7 with vulnerability management built-in. Designed for MSPs and MSSPs.