Cybersecurity and the Bible?!

the-cyber-and-the-bible

I was thinking of a subject to write for this blog and, after going to church, thought about how the Bible might have had some prognostications to the computer age.  I have heard many people talk about how the Book of Revelations predicted the internet (the “number of the beast” or 666 translates to “www” according to the Hebrew language), but were there any phrases in the Bible that might relate to our current cybersecurity efforts today?

Unfortunately, after some effort trying to put in search terms like “router” or “password” or “authenticate” or other such words, I found nothing in my version of the Bible (King James version), but some other words did hit on some interesting phrases.

The first word was “network.”  This one brought up some interesting references, especially in the Book of Isaiah, where in Chapter 19, verse 9 it says “moreover…they that weave networks shall be confounded.”  I just thought this was such an interesting phrase, since the more complex the computer network, the easier it is to defeat that network.  In the same way that having a large area of land is tough to patrol for intruders, the network “land area” (or “LAN area” if you like puns) is tough to patrol for cyber intruders as your network becomes more expansive.  This one did raise my eyebrows slightly because of the applicability to today’s cyber environment.

Network was also used in the Book of Kings, where in 1 Kings, Chapter 7, verse 18, it says “…and he made the pillars, and two rows round about upon the one network…”  This could be interpreted as a type of computer network, where it is both hierarchical and peer-to-peer, some of which are used today.  It could also refer to firewalls or DMZs, which could stand as pillars to block intruders from entering the network.  I know, I am stretching, but the fact that this phrase even exists in the Bible is interesting if nothing else.

The second word that I found was “host.”  Now, in the Bible, at least from my reading, host is just that:  some person or some entity that is in charge of the tribe or family.  There was an interesting phrase in the Book of Judges, where in Chapter 8, verse 11, it states that someone “…smote the host; for the host was secure.”  This is probably the one phrase that pertains the most to cybersecurity.  Why would anyone try to defeat a system that is already defeated?  The challenge to defeating a system is to overcome the security; to aim the intrusion against something that is reported to be “unsinkable.”  What better way to make a name for yourself as an intruder than to defeat a secure host.

Okay, all this is hyperbole, I realize that.  It is interesting to note that maybe the Bible was not predicting the internet or the computer age, but that something written as long ago as this reference can be adapted to something as new as the computer security arena.  It was a fun exercise, but it is much more than that to me.  It means that users are the ones that operate and maintain computers, computer networks, and computer security.  If the people are not considered in the equation, we are really not considering the entire formula.  By personifying computers through use of the Bible, I hope to bring us all back to the basic as IT professionals.  We MUST consider the users (and the intruders who are also users) in the big IT picture.  The past is the future.

http://www.grectech.com

This Day in History – The Making of a Traitor (or Insider Threat)

stealing-password5Most people know the name of Benedict Arnold.  Traitors are called “Benedict Arnold” as well as those that switch sides in the middle of a battle.  But the name has much more meaning if you take a look at this individual’s battle record during the Revolutionary War.  Let’s start with a small, but important, fort at a place call Ticonderoga.  This fort had strategic importance since it lay on the fragile northeast corner of New York State, close to Vermont and the St Lawrence River.  The British wanted this fort, which was occupied by the Americans.  Benedict Arnold, then a patriot, offered advice to the fort commander to ensure that there be patrols on the hills overlooking the fort, since it was there that a well placed cannon could fire down on the fort, inflicting heavy damage.  The fort commander ignored the advice, stating that there was no way a cannon of that weight could be hauled to a point to fire effectively on the hill.  Benedict Arnold left, and shortly thereafter one of the fort’s lookouts saw the glint of metal on the morning sky.  The British had in fact hauled a cannon to the point where Arnold had warned would be vulnerable.  The fort was surrendered.  Although it was later recaptured by the Americans, it did not have to come to that if the fort commander had listened to Arnold.

Again, in 1777 Arnold advises General Gates to attack the British during the First Battle of Saratoga (anniversary of which is today – 19 September).  Gates ignores the advice until it is almost too late and then implements it with the urging of Arnold.  Although the American’s lose the battle, they inflict heavy casualties on the British (http://www.history.com/this-day-in-history/arnold-and-gates-argue-at-first-battle-of-saratoga).  That is the final straw for Arnold, who plots to hand over West Point to the British, but whose plot is later foiled.  Arnold switches sides, fights for the British and later dies in London in 1801, a broken man.

The emotions run high when talking about Arnold.  In one instance, there is a statue of a lag with no name attached (http://www.roadsideamerica.com/tip/9271).  This is supposedly Benedict Arnold’s leg, which was wounded in the Battle of Saratoga (mentioned above).  The leg is considered the “patriotic” part of him and so was given the commemoration.

What do we learn from this that applies to today?  The insider threats can come from any source, even the ones that seem very loyal.  Arnold became a traitor for a number of reasons that are beyond our analysis, but one seems clear – the disregard for his advice and guidance.  Once he felt that his expertise was not heeded, and seeing the results of the inaction, he (in my opinion) felt that the leadership was not worthy of his support.  How many times in your company has a person come up with an idea that was later squashed, leading to that person offering no further ideas and maybe even leaving the company?  If you are a manager, you need to listen to all ideas even if you do not enact them.  With the computer age, and “over access” to information becoming more the rule than the exception, employees have more access to personal and company information.  This could be catastrophic if the insider threat becomes a reality.  It is imperative that we make all employees feel as if they are part of the solution, or they will become part of the problem.