The classic fairy tale gone cyber
Illena Armstrong, VP, editorial, SC Magazine
The Walt Disney Family Museum in San Francisco is touting an artistic celebration of Snow White and the Seven Dwarfs in celebration of the film's 75th anniversary. When the animated movie came out in 1937, the inventive lushness and overall originality of its sketches, along with, of course, the innocence of its main character cast against the wickedness of her evil rival, captivated moviegoers everywhere.
The artwork chosen for ads marketing the commemoration, which is all about showcasing the work and dedication that Disney and his staff put into creating this classic, is lovely. One in particular shows only the wicked sorceress' gnarled, clawed hand extending into the frame a juicy, plump apple to a shy, trusting, doe-eyed Snow White. As she worries ponders whether or not to take the fruit, our heroine tentatively looks into, the viewer assumes, the eyes of the old woman situated off the page.
Now, we all know she shouldn't trust this nasty, old witch. The image, though, conveys that Snow White is going to take that apple – likely against a gut check she's choosing to ignore. Maybe it's all the time spent on the road for work, but as I looked at this ad's artwork, I was left wondering just how often we, trusting suckers of the world, buy what folks tell us, often ignoring the better judgment niggling at our tummies. What's worse in the internet realm is that the bad guys aren't so obvious. Warty, decaying chicks handing over delectable but contaminated fruit aren't suddenly expanding their evil deeds to spear phishing (and, if they were, how the heck would we know, anyway?) But, nation-state interests, cyber thieves, hacktivists, malicious insiders and others have been hard at work trying to advance their techniques to take down the Snow Whites (and, some might argue, the not-so-innocent Snow Whites) of the world.
“From stealthy to blatant tactics, 2012 has seen them all.”
– Illena Armstrong, VP, and editorial director, SC Magazine
And so all of the aggressive, often surreptitious, occasionally lingering, frequently simple and sometimes pretty advanced attacks we've seen this year have moved us quickly along to its end. We've witnessed sophisticated espionage weaponry, such as Flame, steal critical data and then leave backdoors to come back for more. Some spyware, like Gauss, was all about stealing login details of the banking customers it targeted. Other, more traditional hits used spear phishing to target victims to get at critical data, or scare tactics and other blackmailing techniques to steal money. Trojans and other malware were called into duty to steal passwords, and, of course, still more attack methods took advantage of web and other application vulnerabilities to get into networks. The list and certainly the creation of new methods to handily do some damage in the cyber realm goes on.
Credit and debit card information still remains a target as the Global Payments attack proved – a hit that resulted in the compromise of some 1.5 million card numbers. User passwords also were heavily targeted more this year – as shown by attacks on LinkedIn, Yahoo! and others, which resulted in millions of users' credentials being publicly exposed. Servers with robust caches of other juicy customer information remained prime wins for cyber criminals, too. Then, supply chain vulnerabilities – an old, familiar issue – came to the fore once more as the release of a U.S. Congressional report called out Huwaei and another China-based telecommunication equipment supplier as nation-state-backed organizations in which U.S.-based businesses should not trust (but, of course, their alleged deeds of questionable coding and backdoors in products aren't the only ones to question).
From stealthy to blatant tactics, 2012 has seen them all. That's what our annual Reboot edition is all about: Reviewing the year's good and bad happenings so that we might get a handle on what to expect in the next 12 months. And, as predictions from hither and yon pour into SC's email boxes from our many industry contacts, the overall forecast for which we must all prepare next year is the classic battle between good and evil (with maybe a little grey mixed in) will continue. Thankfully, though, there will be heroes to call out, like this year's Luminaries, who are all about dislodging those poisonous apples putting chokeholds on the Snow Whites of cyber space.