It all started out as a simple prank. My wife and I play poker with a few other couples. One night, one of our regulars was out of town, so after the game, the rest of us rolled bathroom tissue all over their house, trees, cars, yard.
And so the tradition began.
Months later, another couple was out of town: a few hundred forks stuck in their lawn.
Last summer, it was our turn. We were in Asia for a conference when I received a panicked phone call from a neighbor: police tape all over the house, body outlines on the pavement. To this day, we're still explaining the joke to neighbors.
Next time around, a couple was away during election week. We collected dozens of discarded election signs, “Vote for Joe Shmo, supervisor”, “Ellen Shmellen for Sheriff”, etc. and planted them in our friends’ back yard.
For the most recent installment, we took it up a notch. The out-of-towners had their parents watching the home, so we asked them if we could get into the house. We swapped bed and box spring (then remade the bed), filled a bathroom to the ceiling with balloons and closed the door, filled the microwave with plastic eggs, replaced mouthwash with water, ran streamers over the entire house, forwarded their alarm clock 12 hours, reversed all the books on a shelf, and wrote welcome home notes all over the mirrors.
With internal access, the sky's the limit. Our friends’ parents were the insider threat, providing us the keys to the kingdom.
Perhaps the ultimate example of insider threat in embedded systems is a theory that Israelis were able to insert a kill switch into a computer chip that ultimately made its way into radar systems. In 2008, just prior to the Israeli air attack on a Syrian nuclear facility, the kill switch was triggered, the lights went out, and the air attack proceeded with impunity.
Many people think it impossible to defend against the insider threat. Hogwash. Insider threat must be addressed with PHASE, which I talk about in various articles and classes. Least Privilege and Component Architecture: instead of one key guarding access to all rooms and valuables, use separate locks and keys, and only trust keys to those who need access to specific rooms. Secure Development Process, including development security , is like the ultimate background check. Have independent experts validate your approach.
But the first step is to understand your insider threats and come up with a plan on reducing that risk instead of ignoring this crucial aspect of embedded security.
Dave Kleidermacher is CTO of Green Hills Software. He writes about security issues, sharing his insights on techniques to improve the security of software for highly critical embedded systems.