Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

The Chipmunks Are Coming: Appreciating the Motivation of Threat Actors

Published 09/19/2022

The Chipmunks Are Coming: Appreciating the Motivation of Threat Actors

Originally published by ShardSecure here.

Written by Marc Blackmer, VP of Marketing, ShardSecure.

I like birds, but more on them in a moment.

At the point in time of our story, I’d worked from home for about 10 years, and the shine of my basement office had worn away. One summer, I thought it would be a great idea to set myself up with an outdoor office of sorts. I put up a small tent canopy over a table and cut up a cardboard box to wrap around my laptop so I could see my screen. Best of all, I positioned myself to look directly at the bird feeder, which I’d filled with safflower seeds. Squirrels don’t like them, but birds do. Brilliant, right?

And there I sat — fresh air, sunlight, and happy birds feasting all day long without a rodent in sight. My chirping bird background music became the envy of every conference call I was on. Some joked that they only called me because the background sound was so relaxing. “Marc’s Zen Garden,” they called it. It was everything I’d hoped for, until one day…

The threat actor

There it was on the feeder. Black eyes, racing stripes, short tail. It was insufferably cute with its Dizzy Gillespie cheeks all puffed out with… wait… with safflower seeds? Squirrels hated them, but chipmunks… loved them? Suddenly, I had a flashback to when I’d commented on how the birds were eating seed at a record rate. It was all so clear now.

Game on, my little friend!

Thus began the battle of wits between human and three-ounce rodent. I have to admit, we were pretty evenly matched. With every move I made, my furry nemesis quickly adapted. It climbed, jumped, shimmied, contorted, and, I suspect, shape-shifted when I wasn’t looking. Every time, no matter the obstacle, it succeeded in getting to the safflower seeds. Stymied, I sat back and watched this little critter navigate its way through my Rube Goldberg-like defenses.

That’s when it clicked. The chipmunk had far more at stake and much more to gain than I did. For me, filling the bird feeders to attract birds was a pastime. For the chipmunk, this was about food, about survival. It has a vested interest in succeeding. In other words, it had the motivation.

The realization

What makes me so much fun at parties is that I tend to see security corollaries in all sorts of everyday scenarios. In the case of the chipmunk, I saw how important it is to understand and appreciate how motivated a threat actor is, which I clearly hadn’t. It stands to reason that the more valuable the data is to the threat actor, the more motivated they’ll be to get to the “birdseed.”

So, what do you do? In the case of the chipmunk, I could have gone to greater lengths to prevent it from succeeding, but that would also have denied access to the birds. Similarly, security controls must be balanced with usability. There’s no value in locking things down to the point that your authorized users can’t gain access.

Imagine that the birds could still eat the seed as they always had — but for the chipmunks, the seed would just kind of evaporate. That’s similar to what we’re able to do for data when we microshard it. Although it’s a loose analogy, the net result of microsharding is that data becomes unintelligible and of no value to unauthorized users. The level of effort to try to reconstruct microsharded data will wear down the most motivated of attackers.

Microsharding: the chipmunk-proof solution

At the end of the day, the value of your data to a would-be attacker is proportionate to their motivation to acquire or destroy it. A defense-in-depth strategy is the right way to go, and we believe a microsharding solution — used instead of or in tandem with encryption — is your strongest option to protect your data.

With the right application, microsharding can help protect data confidentiality, integrity, and availability in the cloud. It can also mitigate the impact of ransomware, maintain business continuity, and strengthen data resilience — all while leaving data in the hands of its owners.

By the way, “Persistent Chipmunk” sounds like a great name for the next group of threat actors. Just sayin’.

Share this content on your favorite social network today!