Security
Anti-fragile IT that responds to the unpredictable
With the anti-fragility philosophy, uncertain situations become the spark for new development.
Even in the world of cybersecurity.
Exceptionality as a rule
The Covid-19 pandemic, the commodities crisis, the war in Ukraine: until recently we would have thought all these events unlikely.
They are what Nassim Nicholas Taleb called black swans: phenomena that are rare and unpredictable, but of great impact.
These events have profoundly affected the economic and social system worldwide, highlighted its fragilities, and often brought to light the inadequacy of the solutions prepared to respond to adverse situations.
But why in all these cases have we found ourselves to be so vulnerable and unprepared?
The most classic crisis management strategies were designed to respond to the worst event that ever happened.
But even the exceptional events of the past were unexpected when they happened.
It is here that the approach taken so far shows its weaknesses: it is not enough to build plans to respond to anticipated adversity; it is necessary to broaden one’s vision and prepare to act even in situations that cannot yet be predicted.
This requires reversing the philosophy on which traditional crisis prevention strategies are based.
It is no longer a matter of just being robust and resilient, enhancing one’s ability to resist and respond to difficulties, but of seizing the opportunities of the new arrangement and adapting to change.
The storm as an opportunity
The classical approach, based on forecasts built on an outdated history, leaves us fragile.
Fragile mainly because investing in resilience and robustness is no longer enough, and being indestructible is not possible.
It becomes interesting, then, to think about the real opposite of fragility: no longer resilience or robustness, but anti-fragility.
It is a matter of overturning piece by piece the whole semantics of fragility, which envisions a tendency to weaken and collapse after a certain limit is crossed, and building with anti-fragility a scenario in which crossing that limit triggers a strengthening effect, as if paradoxically a piece of glass instead of breaking on impact becomes stronger.
Anti-fragility is the ability to Taking advantage of uncertain and unpredictable situations.
Non è una qualità universale, ma dipende da circostanze specifiche.
È quindi fondamentale individuare gli scenari in cui questa è presente.
Questo approccio richiede un deciso cambio di atteggiamento: da una parte una maggiore propensione alla riflessione e alla valutazione, a guardare il cambiamento da un punto di vista differente, dall’altra una maggiore tolleranza del rischio, un’accettazione dell’incertezza e dell’incapacità di prevedere ogni possibile evento avverso.
Applying anti-fragility to the IT world
That of anti-fragility is a real philosophy.
And because of this it can be used in multiple contexts, indeed, it is desirable: from everyday life to business cases.
One example is its application to the IT world, particularly to the area of cybersecurity.
Typically, cybersecurity strategies are based on building defenses high enough to ward off successful cyber-attacks.
Today, however, we know that this cannot be enough: it is necessary to think above all about how to act in case attacks are successful.
A concrete example is the approach developed to counter crypto-lockers, a form of ransomware that encrypts the victim’s data and demands payment of a ransom for their decryption.
Crypto-lockers have unhinged the re-entry mechanisms from attacks by several companies, which exploit the similarity between copies to save disk space.
The operation of these particular ransomwares, in fact, plays against traditional data protection systems in an excellent way, because it generates a total disruption of the written information, forcing the protection mechanisms to occupy more space.
As a cascade, the standard rules of the system, which aim to optimize the available space, trigger the deletion of all clean copies to make way for the most recent one-that is, the compromised one-which, being completely different from the others, has no optimization heuristics and is extremely heavy.
The only copy that remains available is therefore the one encrypted by the attackers, which is consequently inaccessible.
In addition, systems designed not to be compromised leave maximum freedom to those who manage to penetrate them; for this reason, obtaining administrator privileges in an environment managed with traditional logic means having the possibility of provoking a long series of additional events designed to compromise re-entry mechanisms.
This is where the philosophy of anti-fragility comes in.
Reasoning according to this new approach has resulted in a mechanism that, to counter crypto-lockers, increases by design its effectiveness.
The rationale here is to start with the attack scenario in order to build increasingly effective responses, not to prevent attacks from occurring.For this reason, the solutions identified can be different, and it is possible to continue building new ones.
One of the identified responses, for example, requires that copies be unalterable for a specified amount of time.
The administrator should also not be able to change this setting.
In the event of an attack, the increase in the size of the encrypted data will quickly saturate the available space, effectively freezing the operation of the system itself and, consequently, its breach.
At the same time, clean copies, since they are unalterable, will be preserved and their recovery will always remain possible. In addition, the abnormal saturation of various systems and their subsequent crashing will become an additional symptom to alert traditional Security Operation Centers (SOCs) of impending or ongoing attacks-a collective benefit to protect the entire IT community, which can then be pre-alerted of possible new cyber risks.
Living the anti-fragility
Those identified by following an anti-fragile approach are not universal answers: it is possible that they may work in a given context and may not be applicable to another.
Change does not open up the same opportunities for every company: investments in anti-fragile strategies and technologies must take these differences into account.
It takes expertise, know-how and experience to successfully apply the anti-fragile philosophy to your own business or to offer it to your customers.
deda tech has anti-fragility in its DNA: from the approach we hold toward vendors-agnostic, albeit supported by a relationship of continuous exchange and comparison-to our predilection for multi-cloud, the strategies and solutions we propose to our clients vary according to their characteristics and needs and are developed to enable them to best respond to change and maximize opportunities. IT, for our clients, should not be an object of concern, but a versatile and reliable tool that supports their growth path.