Wednesday, October 5, 2011

infect evolve repeat

this silly little web game about viruses has been one of my favourite time killers for years now. go figure.

one of the ideas that gets bandied around in security circles is the notion that defenders need to think more like attackers. the argument being that defenders would be more successful if they could better anticipate how attackers act, what they target, and thus where our weak points really are.

i'd like to turn that on it's head and i think this game serves as a pretty good demonstration. i think we should examine the ways in which attackers need to think like defenders. they want their attacks to succeed so they need to do various things to defend their efforts. things like making their attack tools and techniques more immune to counter attack (immunity is one of the characteristics in the game that you can power up), or increasing the fault tolerance of their attack platform by adding redundancy (the game allows you to increase the reproduction rate of your virus so that your virus can become many viruses), or even reduce the window of exposure during which an attack is at it's most vulnerable (the latency characteristic in the game refers to how long your virus stays trapped within a cell where you can't move it out of the way when something dangerous comes near). these are the sorts of things one needs to think about in order to create or select effective countermeasures.

can you spot any more parallels between how attackers and defenders operate?