Richard Ramirez is remembered all across southern California for the terror he invoked during the early 80's. He was nicknamed the 'Night Stalker' and was known for the ease with which he entered his victim's homes. He did not break and enter, he didn't break windows or climb down the chimneys. For the most part, Richard 'walked' into homes either through screen doors left unlocked or windows left open. Many of his crimes I've heard, were committed close to freeway ramps to facilitate a fast getaway.
What was very interesting to note about Ramirez's victims is that even though the city was aware of a serial killer on the loose, people still left their windows open or the screen doors open. I know I would batten down the hatches and take extra precautions until I heard the killer had been caught. So what makes people be lax and laissez-faire, in the face of a known and omnipresent danger?
Enter what I coin as the 'aint' gonna happen to me' syndrome. It's the opposite of the 'safety in numbers' effect. It's when people think that's its such a big situation that they cannot possibly be the target. It's when individuals think that 'its a big city and there's thousands of homes and hundreds of thousands of people, surely nobody's going to stop by my house and single me out'. But yet Ramirez did just that and time and time again he found homes with little or no security and he walked right in with minimal effort.
Does this ring a bell now folks?
Fast forward to today and the Advance Persistent Threats (APT) that are an omnipresent and clear danger. There's probably very few IT and business people who have not heard of the chinese hackers attacking our systems and stealing valuable business intelligence through APT. And yet in the face of this very clear danger, there is still a lot of work to be done to close those open windows and open doors. There is still a lot of the 'ain't gonna happen to me' syndrome in our business environment. Systems that are unpatched, privileged accounts that are inadequately protected, a reliance on anti-virus alone for security - these are all examples of open windows and doors that allows an attacker to easily 'walk' into our network and take way all the that is dear to the business.
The 'ain't gonna happen to me' only works until someone attacks you and by then it is too late to do anything about it.
No comments:
Post a Comment