
3/27/2020
02:00 PM
Bil Harmer​
Commentary

The Wild, Wild West(world) of Cybersecurity

Though set in the future, HBO's "Westworld" works as an allegory for the present moment in cybersecurity.

"Your face doesn't matter--it's your actions that identify you." Source: AF Archive/Alamy Stock Photo

In the gunslingin' world of cybersecurity, there are threats everywhere. It can sometimes feel as dangerous to run a modern business as it was to run a saloon in the shadiest part of the Wild West.

Actually, the parallels between the cowboy days and modern cybersecurity issues are aplenty, and one need look no further for proof of that than HBO's standout series Westworld.

If you haven't seen Westworld yet, here's the general gist (Note: spoilers ahead!): The story centers around a Western-themed amusement park populated by robots (or "hosts") who spend each day acting out the same storyline as the day before.

Visitors to the Westworld park interact with the hosts and are free to indulge their most hedonistic desires, spared from the consequences of the real world. But Westworld suffers from issues that are strikingly similar to the ones faced by cybersecurity professionals today. In fact, Westworld's flaws are a useful allegory for navigating today's most insidious digital threats.  

Identity
If your business struggles with verifying identities, you're not alone: The same issues exist in the Westworld park.

After all, we thought we knew who Charlotte Hale was — the executive director of Westworld's board — but it turns out that she was killed at the beginning of season two by a robot version of herself. And then there's Bernard. Who's actually Arnold, the creator of the hosts. Who's dead.

If you're confused by all of this, imagine how confused your systems are by the millions of access requests coming from both legitimate and illegitimate users, day after day.

Credentials don't cut it: They can be easily stolen in today's threat landscape. Instead, the best bet for accurately identifying users (or hosts) is to rely on a combination of validations like multifactor authentication, behavioral biometrics (such as voice recognition, typing patterns, mouse movements, etc.), and browser and IP information. 

If a system were to analyze Charlotte Hale during season two, it would discover that, even though she looks exactly like Charlotte, she's not. Similarly, even if an attacker possesses a single authentication factor, it's still nearly impossible for him or her to replicate a combination of validations.

AI Regulation
Part of Westworld's appeal is its examination of what makes us human. If our consciousness is the crux of individuality, what happens in a world when consciousness can be constructed, altered, downloaded, uploaded, and destroyed at will? It's the question that weighs on Arnold's conscience so heavily that it determines his own demise.

But while this wrangling of human and artificial consciousness isn't easily resolved in Westworld, it's no more cleanly handled in real life. In 2017, Elon Musk called for the regulation of artificial intelligence (AI) before it posed a risk to humanity. And yet regulation hobbles innovation, so Congress adopted a "wait and see" approach to AI legislation. The result so far has been a quantum leap of AI innovation — for proof, one need look no further than the proliferation of deepfakes that have been created using machine learning and AI — without stringent regulation, standards, or requirements.

I believe a practical approach to regulating AI would be to use existing data privacy laws and expand or replicate them to cover machine learning and AI.

Threats and Vulnerabilities
Even the most advanced hosts in Westworld are susceptible to malware. But what's most interesting about this, perhaps, is that the threats manifested in the show can easily be seen as allegories for modern cybersecurity threats:

  • Insider threat: A Westworld programmer, Elsie, finds a laser-based satellite uplink inside a robot host that someone has been using to smuggle data out of the park.

  • Advanced persistent threat: The robot host Maeve uses Felix, a Westworld technician, and other hosts to start an uprising — because someone has programmed her to take over Westworld and infiltrate the mainland in a pre-scripted insurgency.

  • Malware: Clementine, who works in the saloon, is updated with new code that turns her into a walking virus. With only a thought sent through the mesh network, Clementine can force hosts to brutally kill each other.

  • Internet of Things vulnerabilities: In the season three premiere, Dolores hacks into the smart house of a billionaire, making the home no longer responsive to his commands. The show doesn't make it clear whether the smart home was compromised by insecure network services, ecosystem interfaces, or default settings, but Dolores is able to take control quickly.

What can we learn from the threats and vulnerabilities above, as well as the identity issues and the AI quandaries seen in Westworld? To take them seriously. It's tempting to think of cybersecurity as existing only in a vacuum, affecting only digital networks that can be ignored as soon as we step away from a computer. But the reality is that cybersecurity is tied to the real world, and its breaches cause very real damage. Westworld shows us that issues can only be ignored for so long before they demand their time in the spotlight.


Bil Harmer is the CISO and chief evangelist of SecureAuth. He brings more than 30 years of experience in leading security initiatives for startups, government, and established financial institutions. He's CISSP, CISM, and CIPP certified — and is recognized for ...
 
