Tuesday, 26 February 2013

Walls and Fortresses: Some History Lessons

Chinese Wall, Limes, Hadrian's Wall, Maginot Line, Siegfried Line, Atlantic Wall, Berlin Wall... And every impregnable fortress... All have failed.

The so-called "security perimeter" doesn't exist anymore; did it ever exist?

Cloud infrastructures, BYOD, APTs, (spear) phishing, etc., or just the human factor?

Defense-in-depth is an old and well-known motto in InfoSec, but many people seem to just stop at the perimeter defense.

Sure, having a so-called "perimeter" to defend is reassuring: putting all our efforts into defending it lets us feel safe inside it and rest well while not on the front line.

I don't mean that firewalls, antivirus, anti-spam and other protections are useless; they have their use. But don't count on them to provide complete security. They never have, they never will.

History is repeating itself, over and over. One of the best-known and most documented failed perimeter defenses was the Maginot Line during the Battle of France in May-June 1940.

The French military command, one war behind as so often, thought building a fortified line would prevent a German invasion. The problem was that this impregnable line was too short and didn't cover the Ardennes area, which was deemed impassable for tanks and mobile units.

Though the "Blitzkrieg" concept existed only on paper at the time, one German general put it fully to use: Erwin Rommel.

The divisions Rommel commanded were called the "Ghost Divisions" because they moved so quickly that even the German high command didn't know their whereabouts, let alone the Allies. This led to the Allied armies being encircled at Dunkirk.

After the Dunkirk evacuation, the German army turned south to invade France, took Paris, and seemed about to invade the whole country. At this time, the remaining French army changed its strategy and implemented hedgehog tactics of defence in depth. This was rather effective, considering the state of the French army in June 1940, which had no reserves anymore and so was doomed.

Four years later, when the Allies liberated Western Europe, the Siegfried Line, facing the Maginot Line, didn't fare much better against General Patton's tanks.

Lessons to remember:
- The perimeter doesn't provide complete security. It can even provide a false sense of security, which is worst of all.
- Changes in technology, whether tanks and aircraft or mobile devices (BYOD or not) and cloud infrastructure, can even render the notion of perimeter mostly obsolete.
- In-depth defenses can be more important than perimeter ones.
- Expect the unexpected.
- Dynamism always beats stasis, in the end.
- Oh, and always keep an eye on your logs: the Allies' defeat would have been prevented if the air forces' observation reports had been heeded at the very start of the German offensive.
