Cybersecurity Is 2017’s Version of the White Walkers—And You Don’t Want to Be a Non-Believer

Fan Christopher Lomas, dressed as the Night King, asks a question at the "Game of Thrones" panel on day two of Comic-Con International on Friday, July 21, 2017.

Fan Christopher Lomas, dressed as the Night King, asks a question at the "Game of Thrones" panel on day two of Comic-Con International on Friday, July 21, 2017. Al Powers/Invision/AP

Among those who do recognize the threat, no one has a clear strategy to stop the enemy.

The trials and tribulations of Jon, Daenerys, and co. against the impending undead army of White Walkers share a lot of similarities with the evolution of cyberthreats over the last several years.

In Westeros, amidst the constant warring between the Lannisters, Starks, and Targaryens, a few small groups have seen the real threat facing the entire human race, the White Walkers. Despite Jon Snow’s borderline-obsessive urgings and warnings, many dismiss the White Walkers as stuff of fairytales or distant history. Among those who do recognize the threat, no one has a clear strategy to stop the enemy. Even with the new plans to harvest dragonglass (which appear to have been more-or-less abandoned) and unite the feuding houses, the Night King’s army is growing larger and looming closer every day.

A similar set of circumstances are ensnaring our digital security. Despite existing for many years, cyberattacks have only recently begun to gain the notoriety they deserve due to the kinetic consequences they pose. However, like the small contingent of Jon Snow’s followers (the Night’s Watch, the armies of the North, Samwell Tarly, etc.), many organizations fail to understand that attacks are now customized to penetrate their specific defenses—to breach fire-Walls—and hackers now have access to tools that were previously only available to national governments—like fire-breathing dragons.

Neither the White Walkers nor digital weapons started as destructive. The White Walkers used to be humanoids whom the Children of the Forest created with magic to protect themselves from the First Men; they were defense weapons created with good intentions that eventually became so powerful that they threatened all of humanity. Similarly, cyberweapons like StuxNet were most likely originally developed as tools of defense to limit Iran’s nuclear proliferation abilities, but have since become tools of third-party criminal groups who’ve accessed the techniques that made Stuxnet possible. From Russia to North Korea, China to profit-driven criminal organizations, many groups are now all capable of developing digital weapons that could take down a power grid or control a nuclear facility.

This has lead to organizations increasing their cybersecurity defenses through investments and research. In 2015 alone, more than $75 billion was spent on enterprise security products and services, and that number is expected to top $100 billion by 2020—that’s an Iron Bank-level of cash. But a stronger defense isn’t always enough when the attackers are also highly motivated and well-funded.

While swooping in with her dragons to rescue the "A-Team"-like search party in the penultimate episode for Season 7, Daenerys clearly thought she had the upper hand. But when the Night King threw his ice spear at one of her dragons, everything changed. Not only had Daenerys lost one of her most powerful (and beloved) assets, but the Night King was then able to reanimate Viserion as a Wight dragon, turning the tables entirely. Even when you think you have the upper hand, things can quickly change.

Similarly, despite all the spending and assurances of increased security, last year there was a record 1,093 breaches of U.S. companies and government agencies, up 40% from 2015. And even though many security experts recognize the threat of advanced adversaries, security programs must still be properly designed to account for the adversary’s strategy, techniques and technology, and organizations need the right technology and team to respond to these threats in real time. Though many realize this, unfortunately the vast majority of security funding still goes to the perimeter to fight the same basic adversaries of yesteryear, not the advanced adversaries—in other words, leaders focus on taking the half-abandoned Casterly Rock, not the White Walkers of the digital domain.

As we saw at Hardhome and elsewhere, the Night King’s army is seemingly endless and can be reanimated at the flick of a wrist. Where one wight goes down, many more are ready to take its place and cause great harm in the process. As malware is spread around the internet, cyberattacks have only become more prevalent, and it’s become easier to inflict major damage. It’s a (Jon) snowball effect.

In just the past few months, the WannaCry and NotPetya ransomware strains turned the world on its head, and a massive hack of HBO has led to "Game of Thrones" episodes being leaked and the theft of a whole bunch of IP. Before that, the Shadow Brokers released a trove of powerful “zero day” attacks allegedly stolen from the NSA, each of which can be very dangerous.

In "Game of Thrones," the leaders of Westros are finally realizing that the White Walkers are real and the threats they pose are existentially dangerous. But unless they work together and realize that their petty politics are a distraction from the real threat at hand, the realm will cease to exist. In the digital domain, advanced adversaries present a similar existential threat to businesses and organizations that don’t re-evaluate investment for modern era of targeted attacks.

Unless we recognize who and what the real threats are, and establish strong security systems that face the threats head-on, cutting them off before they have a chance to overtake our systems, the digital domain is in as much trouble as the realm of men.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.