Chain of events

When thinking about security, one of the things that are hardest to grasp is the way things are linked together, and of course, the ingenuity of criminals. One small thing can lead to disasterous results in ways a normal person could not even imagine.

For example, a well known story is about a family that went to a public event, and parked their car in the parking lot, like everybody else. The car was a piece of junk, so there was no reason to steal it, and therefore, the owners didn’t install any protection. When thieves broke into it, they weren’t even interested in the car itself, but instead, they stole the GPS that was in it. No…they didn’t want the $50 they could hawk it for, but instead, they just put it in their own vehicle, and pressed “go home”. Thirty minutes later, they were in the driveway of the car’s owner, and entered the house using the remote they also found in the car. I guess there’s no need to detail the resulting mess.

There are several preventative measures to prevent this kind of thing (the simplest would be to set the HOME location on the GPS at a point that’s actually a mile or two from home, or not at all), but the point is that everything can be used for bad deeds, even if it is worthless in itself. Knowing where you work, for example, will allow a clever social engineering hacker to squeeze some info from your co-workers. For example, when you are going on vacation (which would be a good time to hit your house) or what days you stay late at the office.

What can you do about this? Unfortunately, not enough. The criminal mind thinks differently than us, normal people, and even amongst the crooks, there are the more devious kind. A good practice is simply to pretend to be a bad guy for a day. Sit in your car outside your home or office, and try to come up with a way to break in. Sit at your computer, and think how YOU can bust into your boss’s computer, and then try to figure out how you would block him from doing the same to you. Some of us just can’t do it – too old to think outside the box, but you might also try having your kids suggest thoughts.