Mr. Robot ft. Bryon Singh, RailWorks Corporation

By Steve Gold
Posted in Security
On August 08, 2023

If you were lucky enough to watch Mr. Robot (no judgement here, please!), you learned some valuable lessons on implementing robust security measures and seeing how they can be compromised. In this blog, we will explore how the show's character, Tyrell Wellick, exemplifies secure asset and software management through version-controlled-infrastructure-as-code and accessing administrative interfaces via Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS).

SSH provides a secure and encrypted means of accessing remote systems. It uses cryptographic keys to establish a secure connection between a client and a server, thereby preventing unauthorized access and eavesdropping.

When browsing the web, secure communication is ensured through HTTPS, which encrypts data exchanged between the user's browser and the web server. HTTPS prevents attackers from intercepting sensitive information, such as login credentials and personal data.

In Tyrell's case, using SSH to access E Corp's administrative interfaces ensures that his interactions remain confidential and protected from potential man-in-the-middle attacks. SSH keys also offer an additional layer of security compared to traditional passwords, making it harder for malicious actors to compromise the system.

Enterprise assets encompass a diverse spectrum of hardware and software elements, such as servers, workstations, laptops, mobile devices, and network devices. Effectively managing this vast ecosystem demands a meticulously designed strategy that prioritizes security while maintaining efficiency and productivity. CIS Safeguard 4.6 centers on the secure management of these assets and software, safeguarding vital business operations and sensitive data from the continuously evolving threats in the digital realm.

Implementing Best Practices:

A central pillar of this safeguard is managing configurations through version-controlled-infrastructure-as-code. This approach promotes consistency in infrastructure and reduces the risk of vulnerabilities stemming from misconfigurations. Version control enables teams to track changes, roll back to secure states, and collaborate effectively in managing enterprise assets.

Furthermore, secure network protocols such as SSH and HTTPS should be used for accessing administrative interfaces. These protocols encrypt data during transmission, mitigating unauthorized access and potential eavesdropping.

Conversely, insecure management protocols like Telnet and HTTP should be avoided except when operationally essential, as they may expose sensitive information to potential threats.
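One way to enforce this is a check that runs whenever the version-controlled inventory of management interfaces changes. The sketch below is an added example, not CIS or Gotham code; the inventory format, host names, addresses, and the `essential:` exception tag are all assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Schemes the safeguard names as secure / insecure for administrative access.
SECURE = {"ssh", "https"}
INSECURE = {"telnet", "http"}

# Constructed sample inventory (assumed format: name, mgmt URL, optional exception).
INVENTORY = """\
# name          mgmt_url                        exception
core-sw-01      ssh://10.0.0.2:22
fw-edge-01      https://10.0.0.1:8443
legacy-pdu-03   telnet://10.0.9.30:23           essential: vendor firmware has no SSH; isolated mgmt VLAN
printer-2f      http://10.0.4.17
nas-01          rsync://10.0.5.5
"""

def audit(text):
    """Return a list of (line_no, name, status, detail) findings."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:
            findings.append((line_no, parts[0], "ERROR", "missing management URL"))
            continue
        name, url = parts[0], parts[1]
        reason = parts[2] if len(parts) == 3 else ""
        scheme = urlsplit(url).scheme.lower()
        if scheme in SECURE:
            status, detail = "OK", scheme
        elif scheme in INSECURE and reason.lower().startswith("essential:") and reason[10:].strip():
            # Insecure protocol tolerated only with a written justification.
            status, detail = "EXCEPTION", reason
        elif scheme in INSECURE:
            status, detail = "FAIL", f"{scheme} without documented exception"
        else:
            status, detail = "REVIEW", f"unlisted protocol {scheme!r}"
        findings.append((line_no, name, status, detail))
    return findings

def gate(text):
    """CI exit code: non-zero if any entry fails, errors, or needs review."""
    return int(any(f[2] in {"FAIL", "REVIEW", "ERROR"} for f in audit(text)))

if __name__ == "__main__":
    for line_no, name, status, detail in audit(INVENTORY):
        print(f"{line_no:>2} {status:<9} {name:<14} {detail}")
    raise SystemExit(gate(INVENTORY))
```

Because the exception text lives in the same repository as the inventory, every "operationally essential" Telnet or HTTP interface has a reviewable commit explaining why it exists.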

Here’s a link to a Secure Configuration Management Policy Template provided free of charge from the fine folks at the Center for Internet Security: https://www.cisecurity.org/insights/white-papers/secure-configuration-management-for-cis-control-4

Here are some details on this specific Control/Safeguard. If you want more detail, DM me.

CIS Control 4 – Secure Configuration of Enterprise Assets & Software

Establish and maintain the secure configuration of enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/IoT devices; and servers) and software (operating systems and applications).

Implementation Group 1

CIS Safeguard 4.6 - Securely Manage Enterprise Assets and Software

Securely manage enterprise assets and software. Example implementations include managing configuration through version-controlled-infrastructure-as-code and accessing administrative interfaces over secure network protocols, such as Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS). Do not use insecure management protocols, such as Telnet (Teletype Network) and HTTP, unless operationally essential.

Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies, such as Varonis, VMware, Dell & Wyse Technology.

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.