If you thought “The Lord of the Rings” had nothing to do with Information Technology… think again.
Have you seen or read “The Lord of the Rings”? If so, recall the overarching theme of how something as seemingly tiny and insignificant as the One Ring could cause such vast conflict and chaos across Middle-Earth. Or how one short, bright-eyed, hairy-footed hobbit – Frodo – could lead an enormously chaotic world out of the clutches of evil.
When it comes to IT security, the tiniest blip on the radar – a hole in the code, a flaw in the process, a single unsecured machine – can create enormous and expensive problems for both the enterprise and the customer. But by that same token, the tiniest fix or precaution can circumvent the issue; preferably, of course, before the problem appears.
In that vein, I present to you this video from Computer World outlining the 15 worst data security breaches of the 21st century. At only 5 minutes long, I highly recommend it:
Some of the breaches, such as the Stuxnet attack on Iranian nuclear facilities, were highly sophisticated and complex operations run by high-powered hackers and shadowy agencies. But others, such as the #3 eBay breach, were done simply by obtaining the credentials of a few employees and running amok with them – leading to the compromise of nearly 200 million user accounts. Large and sophisticated attacks can cause huge damage, but it’s clear that even relatively simple attacks can still cause severe damage if the right weaknesses are targeted.
Videos like this are an opportunity to learn from the mistakes of others, which is the best way to learn from mistakes (in my opinion). If IT security is any concern of yours in the course of your daily work, then you need to be on a two-pronged lookout at all times for not just the “rampaging orc armies” of IT security – like Stuxnet or WannaCry – but the little “One Rings” as well that stand to cause millions of dollars in damage and affect millions of users despite the relatively small or narrow scope of the attack.
And don’t discount the “Frodos” that can save the day, either: the little stuff like password security and e-mail encryption matters.