Hi, it’s Jeffrey Wheatman. Recently, we’ve had many inbound requests from a variety of media and press outlets asking questions about whether the coming economic downturn (I’m not calling it a recession just yet and you’d better not either) will embolden evil doers and nefarious actors.

The answer is: well duh! Bad actors are always looking for shortcuts and easy ways.

As more and more organizations are preparing for an economic roller coaster, the bad actors are drooling with anticipation. While companies are pulling back and cutting, the bad guys are ramping up.

Chaos is always the friend of the attacker.

Imagine for a moment that you are the target of an attack. Someone knows you have a huge box of digital wacher-call-its, and they want them. They are worth money and can be sold on the open market for cold hard cash, or crypto currency. Think of two possible scenarios –

  1. An attacker probed your firewall, looking for open ports. The firewall is pretty locked down and the attacker’s scan is very noisy. Your IDS alerts and you are able to fend off the attack without much effort.
    -OR-
  2. Your permitter is getting slammed with a massive DDOS. The FBI just showed up at your office because there is a bunch of outbound malicious traffic from your IP address range targeting all the *.mil domains. The marketing team is screaming because somehow your email domain just got blacklisted due to spamorama coming from your webmail server. Now scenario 1 happens. The likelihood of catching the same attack under the cover of chaos is going to be much lower.

Noise acts as a cover.

In this case, the noise is being created by the attacker. But that same attacker might have an attack teed up … waiting for some chaos cover.  For example, perhaps they might be targeting a well-known company that has a lot of useful data, that just laid off 7,500 people, including ¾ of the security team, the privacy team, the ethics team, and the board of directors. Do you think this company would be able to keep the attack from causing harm? It might, but it would be much harder.

  • While you are distracted by talks of cost cutting, the bad guys are watching.
  • While you are shifting your risk appetite to continue to do business during uncertain times, the bad guys are waiting.
  • And while you are juggling all of your departmental tasks with less money and less people, the bad guys are acting.

What should you do?

While the economy cycles up and down periodically, we all have jobs to do and in your case, your job is to ensure your organization is protected. Here are some tips to help protect you during times of chaos.

  1. Separate out the dangerous from the background of the annoying. Focus on business-critical impacts.
  2. Shift resources from the purely operational toward investing in enhancing visibility and continuous monitoring.
  3. Keep the communications open with your internal and external stakeholders.
  4. Conduct tabletop exercises to identify weak spots in your detection and response; make sure you throw in some noise chaos and red herrings to see what happens.

You can’t control chaos, but you can control how you respond to it.

Stay safe, stay healthy and stay secure.

Wheatman, out!