The trials and tribulations of Jon, Daenerys, and co. against the impending undead army of White Walkers share a lot of similarities with the evolution of cyberthreats over the last several years.
In Westeros, amidst the constant warring between the Lannisters, Starks, and Targaryens, a few small groups have seen the real threat facing the entire human race, the White Walkers. Despite Jon Snow’s borderline-obsessive urgings and warnings, many dismiss the White Walkers as stuff of fairytales or distant history. Among those who do recognize the threat, no one has a clear strategy to stop the enemy. Even with the new plans to harvest dragonglass (which appear to have been more-or-less abandoned) and unite the feuding houses, the Night King’s army is growing larger and looming closer every day.
A similar set of circumstances are ensnaring our digital security. Despite existing for many years, cyberattacks have only recently begun to gain the notoriety they deserve due to the kinetic consequences they pose. However, like the small contingent of Jon Snow’s followers (the Night’s Watch, the armies of the North, Samwell Tarly, etc.), many organizations fail to understand that attacks are now customized to penetrate their specific defenses—to breach fire-Walls—and hackers now have access to tools that were previously only available to national governments—like fire-breathing dragons.
Neither the White Walkers nor digital weapons started as destructive. The White Walkers used to be humanoids whom the Children of the Forest created with magic to protect themselves from the First Men; they were defense weapons created with good intentions that eventually became so powerful that they threatened all of humanity. Similarly, cyberweapons like StuxNet were most likely originally developed as tools of defense to limit Iran’s nuclear proliferation abilities, but have since become tools of third-party criminal groups who’ve accessed the techniques that made Stuxnet possible. From Russia to North Korea, China to profit-driven criminal organizations, many groups are now all capable of developing digital weapons that could take down a power grid or control a nuclear facility.
This has lead to organizations increasing their cybersecurity defenses through investments and research. In 2015 alone, more than $75 billion was spent on enterprise security products and services, and that number is expected to top $100 billion by 2020—that’s an Iron Bank-level of cash. But a stronger defense isn’t always enough when the attackers are also highly motivated and well-funded.
While swooping in with her dragons to rescue the A-Team-like search party in the penultimate episode for Season 7, Daenerys clearly thought she had the upper hand. But when the Night King threw his ice spear at one of her dragons, everything changed. Not only had Daenerys lost one of her most powerful (and beloved) assets, but the Night King was then able to reanimate Viserion as a Wight dragon, turning the tables entirely. Even when you think you have the upper hand, things can quickly change.
Similarly, despite all the spending and assurances of increased security, last year there was a record 1,093 breaches of US companies and government agencies, up 40% from 2015. And even though many security experts recognize the threat of advanced adversaries, security programs must still be properly designed to account for the adversary’s strategy, techniques and technology, and organizations need the right technology and team to respond to these threats in real time. Though many realize this, unfortunately the vast majority of security funding still goes to the perimeter to fight the same basic adversaries of yesteryear, not the advanced adversaries—in other words, leaders focus on taking the half-abandoned Casterly Rock, not the White Walkers of the digital domain.
As we saw at Hardhome and elsewhere, the Night King’s army is seemingly endless and can be reanimated at the flick of a wrist. Where one wight goes down, many more are ready to take its place and cause great harm in the process. As malware is spread around the internet, cyberattacks have only become more prevalent, and it’s become easier to inflict major damage. It’s a (Jon) snowball effect.
In just the past few months, the WannaCry and NotPetya ransomware strains turned the world on its head, and a massive hack of HBO has led to Game of Thrones episodes being leaked and the theft of a whole bunch of IP. Before that, the Shadow Brokers released a trove of powerful “zero day” attacks allegedly stolen from the NSA, each of which can be very dangerous.
In Game of Thrones, the leaders of Westros are finally realizing that the White Walkers are real and the threats they pose are existentially dangerous. But unless they work together and realize that their petty politics are a distraction from the real threat at hand, the realm will cease to exist. In the digital domain, advanced adversaries present a similar existential threat to businesses and organizations that don’t reevaluate investment for modern era of targeted attacks.
Unless we recognize who and what the real threats are, and establish strong security systems that face the threats head-on, cutting them off before they have a chance to overtake our systems, the digital domain is in as much trouble as the realm of men.