Trusting Machines to Defend Against Humans

An Advanced Persistent Threat has successfully installed malware on one of the development servers in your network. Maybe one of your engineers clicked on a phishing link? Maybe they hacked in through some vulnerability in your firewall? Maybe it’s an insider who snuck in a USB stick loaded with the program?

That doesn’t matter now. All you can think of is your intellectual property. All of the code you have invested thousands of hours and millions of pounds into is on those servers. You scramble to put together a team to investigate this. Meanwhile the attackers start looking through all that valuable code on the server.

You desperately try to identify the compromised machine and shut it down. You struggle to find it. Should you just pull every plug now? The disruption would cost a fortune, effectively leaving all of your 135 developers unable to work. Meanwhile, the attacker silently disappears back into the internet. They achieved their objective.

You can read rest of my article on the BCS Website, or in the Autumn 2022 issue of the IT Now magazine.