 |
The Siren sat demurely in her corner booth at the café watching the patrons with an air of casual indifference. A closer inspection of her after a few minutes though would reveal the intensity of a predator as her eyes smoothly moved from one customer to the next. She surveyed every table for a few seconds, examining each individual, then moved on. She didn’t spend much time in one place – scattering her visual inquiry across the room – but systematically she assessed each character to a fine degree. Her eyes finally settled on a lone figure at the small bar in the back of the café. He was dressed in cloak but a closer look revealed the boots of a King’s Guard. The Siren sauntered across the room, brushing her long hair away from her face to take a closer look. She paused at the end of the bar just within earshot of the Guard complaining loudly to the barkeep who absentmindedly polished an enormous glass mug with a large rag. The barkeep nodded knowingly as the man unloaded his daily grievances and criticism of the inner workings of the Castle. “…they think we should be working non-stop all day. I am one of the few guards that has access to make rounds through the whole place.” The Guard wolfed down a fork full of stew. “That’s a lot of walking. I deserve a break once in a while. And I was just having a quick smoke from my pipe. I must have been gone only five minutes.” A sweet innocence flushed over the Siren’s visage, almost as if a mask had been pulled over her face. She deftly slid onto the stool next to the unsuspecting quarry. “Oh, my…” she exclaimed as she rummaged through her small purse. The Guard paused. His fork tenuously stalled halfway between his plate and his mouth. The Siren smiled sheepishly at him and dug deeper into her bag. “Is something wrong, Miss?” The Guard asked. “I do believe I left my coin purse at home. And I just finished dinner…” She frowned expressively, flicking her auburn hair with a quick flip of her head. “That doesn’t sound like such a big problem.” The guard stood and opened his cloak pulling out a small jingling bag of coins. The Siren exited the café from the rear entrance a few minutes later after excusing herself from the guard’s company with a simple “I’ll be right back…” She patted the hidden pocket in her flowing wrap and felt the outline of the Guard’s credentials. She skirted the crowds quickly building distance between her and her victim. By the time the Guard began suspecting his new friend had departed, the Siren had already passed through two gates leading deeper into the town. The lonesome Guard sighed and ordered another beer to fill the void in his now empty evening. The Siren, meanwhile, disappeared into the night, weaving her way towards the castle. The streets were filled with the hustle and bustle of the early evening crowd. Weary laborers passed on each side heading home after a long work day. The Siren danced and twisted her way through the throng. Along the way, she snatched a few small coin purses out of habit, deftly relieving their owners of the trivial, but lucrative, weight of the gold. Moments later, the Siren approached the castle gate. Two large guards stood at the opening. She paused and looked at the Credentials in her hand. The bright gold seal indicating a member of the staff of the Castle glimmered in the night. She snatched the hood of her cape over her head, hiding the bushel of red hair. She approached the Castle gate, quickening her pace. Her curt attitude and harsh growl at the Guards dissuaded them from inquiry as she flashed her credentials and disappeared into the inner recesses of the Castle. ***** Marty watched Greg fiddle with the video conference console with amusement. Two of the most technical people in the company had been confounded by the simple touch screen interface. At one point they had video but no sound. Then sound but no video. Then sound and video but the camera was pointing out the window. Marty had given up and wandered over to the coffee machine to get a cup of liquid patience. Caffeine seemed to soothe him – or perhaps his body was so used to it fueling prolonged periods of extreme concentration that he mistook intense focus as calm harmony with the universe. He sipped quietly as Greg finally poked and prodded the touch screen to focus in on the two of them sitting at the conference table. The video conference screen buzzed and Greg punched a button. The security team at vNextGen, MagnaCorp’s prized new partner, pixelated into view. “Greetings!” Paul Dollening, the security manager at vNextGen, shouted. “Can you see us?” Marty chuckled. Collectively in the two conference rooms connected by a simple webcam were individuals responsible for protecting multi-billion dollar companies. Apparently both sides were equally defeated and mystified by video conference systems. “Yes. We can see you. Can you hear us?” Greg answered. After a few minutes of adjusting volume settings and camera angles and exchanging pleasantries, the teams got down to business. Marty adjusted his notes and opened, “Paul, thanks for sending over the network diagrams of the DMZ and your VPN infrastructure. They were very helpful. I think we are good to go on the firewall and logging rules. Next on the agenda was the remote access to the manufacturing segment. Have you had discussions with the IT team managing that? Are they open to adding the multi-factor authentication?” Paul nodded. “Yes, we had a meeting. There is some pushback from some of the admins complaining about the hassle. But I don’t think their argument will stick. We have been griping about that implementation for several months. And we just got a solid audit finding to back us up.” Marty smiled. “Great news. Any ETA?” “Not yet. I’ll update you.” “Fine. Greg, do you want to go over the incident response procedures and the threat intel sharing?” Marty sat back while Greg took the floor. “Sure. Paul, we want to discuss escalation processes on both sides – in case we or you see anything sketchy. We want to make sure the lines of communication are open. We also want to discuss how we share threat intel back and forth. We keep a comprehensive list of known bad actors and indicators of compromise. I am sure you have seen things as well. I think sharing that info upfront would be helpful given the sensitivity of our alliance.” “I agree. And that’s a good segue.” Paul responded. “I wanted to discuss with you some activity around usage of administrative tools. We have seen quite an uptick in remote server administration traffic since your admins were given access. Seems to me a bit high but it could be just them trying to figure out connectivity and administration of the shared services.” Come back on Tuesday for the next episode! The post E4 – Storms on the Horizon – First Winds appeared first on Speaking of Security - The RSA Blog and Podcast. |
