Cybersecurity Lessons from The Godfather – Part 2

Learning the lessons of cybercrime behaviour – and the age-old approaches of organised crime – encouraged me to analyse some of Francis Ford Coppola’s classic movie “The Godfather” for my previous blog post. Specifically, how Luca Brasi’s murder at the hands of Virgil Sollozzo is remarkably similar to the firewall-aversion techniques employed by sophisticated cybercrime attackers.

For this blog post, I’m focusing on the coordination of cybercrime attacks – and again using The Godfather for inspiration.

The famous and beautifully composed ‘Baptism’ scene is five minutes of pure Hollywood gold, where Mafia boss Michael Corleone’s coordinated assassination of the heads of five rival crime families happens while he attends the christening of his nephew. Here’s the clip if you need reminding.

Coordinated attacks have become commonplace in cybercrime because they are so effective at overwhelming victims. What’s more – coordinated attacks give each individual part of a larger organisation virtually zero time to understand the bigger picture context.

Attacks that are not coordinated provide the opportunity for victims to learn and strengthen defences. Hence, in The Godfather, the audacity of Corleone’s five-target multi-strike takes him from being a small-time mobster to a big-time Mafia Don in less than the time it takes to hold a church service.

The five ‘hits’ go something like this:

– Assassin A is a ‘trojan’ as he’s posing as a deliveryman but with malicious intent. He runs up a few flights of stairs, calls the elevator – and when the doors open he takes the payload out of the package he’s carrying (a shotgun) and kills the three guys inside.

– Assassin B’s job is to take down casino owner Moe Greene, and again he blends in as a colleague or trusted source. Greene is working from a remote location (having a massage) and so far more vulnerable than usual when the assassin walks in. Think of how many times you’ve used a coffee shop Wi-Fi and could have suffered the same fate! The cybercrime equivalent to this would be malware injection via the use of a corrupt insider.

– Assassin C exhibits normal behaviour, having a shave at a barbershop before waiting in a stairway. When the target walks past to leave the building, the assassin follows behind, jamming the revolving doors to trap and shoot him. This one is a classic ‘worm’ attack: lying dormant until it knows when to attack and what related systems to compromise in order to destroy the victim.

– Assassin D is actually two guys, both heavily armed with big machine guns. The target is next door in bed, with his girlfriend, when the two guys burst in and rain bullets on him. This is like a brute force denial of service attack, but with a distributed attack source (Distributed Denial of Service = DDoS).

– Assassin E is posing as a police officer. The target, and his two bodyguards, are fooled by the disguise until it’s too late and they all get executed. As well as being another trojan, the assassin’s role-play at writing out a parking ticket is a great example of social engineering.

Assassins A and C both looked like they belonged where they were, which would have simplified their infiltration and made their escape (exfiltration) much easier. The Assassin D crew were intent on using overwhelming force. Meanwhile, Assassin B was trusted by the target – in other words, a real insider – and this enabled him to get close enough to successfully attack. Again his infiltration would have been straightforward, but so would his exit. Moe Greene spent most of his time at his own Las Vegas hotel, but the assassin chose to shoot him at a massage salon – most likely one the assassin knew how to escape from. Attacking him anywhere else would have been too dangerous.

Which leaves us with Assassin E – the police officer. Disguising yourself as something you’re not is the oldest criminal trick in the book, but for a gunman to pretend to be a cop is very scary. In effect, the police officer is a security solution; he is there to uphold security. Surely – you think – he is the least likely to pose a threat? Cybercriminals also exploit this trust by posing as security infrastructure, when in fact they are doing the opposite.

Whether you’re looking for security tips – or just enjoy classic movies – get a copy of The Godfather and watch it. Make sure a cybercriminal isn’t watching it with you; you wouldn’t want to give them any more ideas!


Barrie Desmond, Chief Operating Officer
Exclusive Networks Group is the only international ‘SuperVAD’; focused upon growing the businesses of innovative security, networking and infrastructure technology companies.


The post Cybersecurity Lessons from The Godfather – Part 2 appeared first on Exclusive Networks Group.

