9. The Application of Cybersecurity: Principles and Practices 221 running? It takes expertise to be able to differentiate benign from malicious behavior. In general, he who knows and understands more wins. The less you know, the easier you are to hack. Success in hacking often comes from burrowing beneath the technological level of understanding of the defender. The hacker can operate in these deeper technology layers unnoticed because they are blindspots to the defender. He cannot differentiate normal from suspect activity in these layers. The attacker is invisible to the defender, and meanwhile, going deeper opens up new vistas and promising opportunities for hackers. Figure 9.3 A partial listing of the background processes running on a Windows computer. In cyber, attacks often come from below. The depth wins principle teaches that time invested in understanding technology, especially the technologies that are in use on one’s own computer and network, is time well spent. Ignorance is not bliss. The failure to pry into black boxes to understand what is inside them is a major security vulnerability. Investing in learning and gaining expertise confers substantial advantages. 9.1.3 Trusting Trust “To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.“ - Ken Thompson in “Reflections on Trusting Trust”
RkJQdWJsaXNoZXIy MTM4ODY=