Firstly – I apologise for the “scarily” bad pun, but this is going to be one “hell” of a blog post if you thought that was bad.
It’s Halloween and Ghostbusters is my favourite film at this time of year. This got me thinking about the spooky similarities there are between the worlds of cybersecurity and bustin’ ghosts.
Let’s start with the names of security attacks, viruses and malware. You have to admit, ‘Wannacry’, ‘Heartbleed’, ‘KRACK’, ‘Petya’ and ‘Cloudbleed’ sound scary and could equally be the names of poltergeists or ancient demi-gods wanting to destroy New York City.
The different types of attack also map well to different types of paranormal activity fought by the Ghost Busters...
We haven’t even started on compliance and GDPR – that legislation looks a lot like a river of supernatural slime you could easily drown in…
Even one of the foundations of internet security, the SSL handshake, has obviously been taken from the conversation between two of the key characters in the film:
“Hello”
“Hello”
“Are you the gatekeeper?”
“No, I am the key master”
However, there is help at hand with the Hostbusters (sorry). They are experts in the paranormal world of cybersecurity with a number of weapons to help in the battle against supernatural attacks.
Yes – that is Monzy Merza (our head of security research), Matthias Maier (our EMEA security evangelist), Buttercup (the Splunk mascot) and you (the security ninja). The Hostbusters.
Hostbusters use their SIEM (Spectral Infestation & Ectoplasm Management) platform to make sure they can prevent any type of ghostly attack. This tends to go hand in hand with UBA (Unexplainable Behaviour Analytics), which helps spot threats from inside the Hostbusters team if there’s been a possession. If the worst happens and there has been a supernatural breach, then the Supernatural Cybersecurity Analytics Response Engine (S.C.A.R.E.) capability kicks in to help the team investigate. Once the ghost has been found then the team fire up the Adaptive Response Containment Grid to trap the free floating apparition and lock it up.
If things get really bad and there is a Stay Puft-sized brute force attack, then there’s only one thing left to do – you’re going to have to cross the (data) streams to bring that one down!
Now if only there was a catchy theme tune to help you remember all of that…
If there's something strange in your server room
Who you gonna call? (Hostbusters)
If there's something weird;
the firewall looks like doom
Who you gonna call? (Hostbusters)
I ain't afraid of no breach
I ain't afraid of no breach
If your SOC alerts, are flashing red
Who you gonna call? (Hostbusters)
An invisible threat
Sleeping in the net
Who you gonna call? (Hostbusters)
I ain't afraid of no breach
I ain't afraid of no breach
Who you gonna call? (Hostbusters)
If you're all alone
Pick up the phone
And call Hostbusters
I ain't afraid of no breach
I hear it likes the SIEM
I ain't afraid of no breach
Yeah yeah yeah yeah
Who ya gonna call? (Hostbusters)
If you've had a dose of a freaky DOS baby
You better call, Hostbusters
As always – thanks for reading. I hope the awful jokes haven’t been too much of a haunting experience. Happy Halloween!
Matt
Embarrassing fact: I once won a school dancing competition for the Ghostbusters routine (I was only ten…honest!)
----------------------------------------------------
Thanks!
Matt Davies