If you said 2007’s Live Free or Die Hard, you are correct! Hopefully the picture was a giveaway…casting Kevin Smith as The Warlock was pretty much a genius move…
In an odd coincidence, I recently watched this movie again and then I happened on an article about public utility companies being targeted by hackers. The details are a pretty sobering illustration of life imitating art…or at least life catching up to Hollywood: “…While the hackers used their illicit access for spying, Symantec said, if they had decided to use it for sabotage they could have damaged or disrupted energy supplies in many countries…” Imagine, if you will, a sophisticated attack on not just the US (as in the movie), but on several countries simultaneously…dang, that could be the sequel!
Hollywood aside, cyber crime has become one of the top stories of 2014. It seems that we hear daily of a new security breach at a well-known company. Take, for example, the recent revelations about JP Morgan Chase. The details are somewhat more interesting than other direct hacks (e.g., Home Depot, Target) in that suppliers of Chase were compromised and that led to the larger breach. It should be obvious, but we have to keep in mind that security isn’t limited to our own organization…it extends out to the partners and other contractors that we use.
In another timely coincidence, NIST just released a draft document – Special Publication 800-150, Guide to Cyber Threat Information Sharing. It provides many recommendations on how to share threat information with other organizations. This is the “how-to guide” for joining a cyber security community. In the past, attacks have generally been handled internally and with a good amount of secrecy (…to avoid the possibility of others finding out key vulnerabilities…). NIST is clearly saying that more value is gained by being more open with other stakeholder organizations (suppliers, contractors or peer organizations). They recognize that this may be more or less formal depending on the organization and industry, and they provide some guidance for various approaches. One of the more common-sense recommendations (I thought) was to share attempted intrusions so that everyone is more aware of different tactics, techniques, and procedures (TTPs).
Even though a new NIST publication isn’t “sexy”, it’s a welcome addition during a year when cyber crime is exploding…and it’s not going to slow down anytime soon. So we might as well get comfortable with being more social about attempted intrusions and sharing what we know with each other…before we have to experience “Live Free or Die Hard” for real.