If you want to protect sensitive military secrets, start by keeping zombies off your lawn.
Rick Doten is two things: He is the Chief Scientist at the Center for Cyber Security Innovation at Lockheed-Martin, and he is also a self-admitted "huge fan" of PopCap's utterly charming tower defense game Plants vs. Zombies. Those are two things that you wouldn't ever think would really coincide. On the one hand, Lockheed-Martin is part of the Defense-Industrial base - contractors who support the US Department of Defense - and they make planes, ships, electronic and space systems, "and all sorts of cool stuff," says Doten. On the other, Plants vs. Zombies features potato landmines and cartoon zombies in wetsuits riding undead dolphins.
So one can only imagine the look of confusion on the faces of PopCap's legal department when Doten asked the casual-games maker for permission to use its living dead in an upcoming presentation about Lockheed-Martin's cyber security. What could Plants vs. Zombies and military-industrial cyber security possibly have in common?
Some time ago, Doten had been playing PvZ on his iPhone while flying to a cyber security conference in Boston, he told The Escapist. With the game fresh on his mind, said Doten, he had been discussing the title with a colleague at the conference - and he made a surprising mental connection. "I said, 'You know, it's a lot like cyber security. You know, it's exactly like cyber security!'"
In both cyber security and Plants vs. Zombies, defenders must deal with "a persistent adversary," explained Doten. "They will escalate their attacks as time goes on and as you improve your defenses. So when you think that all your defenses are suitable to completely protect yourself, they try something new to get around your control." Just as Plants vs. Zombies introduces advanced adversaries - bungee-jumping zombies that can pull a plant out or Zamboni-riding zombies that crush your defenses - the enemies faced by the Department of Defense will try a new tactic.
The main difference between the enemies that Doten and his department deal with and normal cyber-criminals, he said, is that the cyber-criminals will focus on "what's easiest to do" for monetary gain. They don't care necessarily what they're doing as long as it's an easy way to make money. "In my world, it's not what's easiest - they're goal-oriented." Just as the zombies are out to eat your brains, Doten's adversaries are after something very specific: They want to learn about military secrets, whether that means blueprints, schemata, or mission data. "They know we have good defenses and so they have to keep stepping it up."
In order to maintain a good defense (whether against zombies or hackers out to steal state secrets), the first key is understanding the capabilities of your adversary - and sometimes that means having your initial defenses breached. "The first time you play PvZ and the digger zombie comes up and starts eating your plants, you freak out. But you figure out what it takes to beat him, you identify that, and you go forward."
Similarly, Doten and his department use a kill-chain methodology with multiple layers of defense. "Our adversary has seven gated steps to go through," from initial recon to the eventual exfiltration or corruption of data. "If I can block them at any one of those stages, then they cannot achieve their objectives." In other words, you can lose a plant or two but still be golden as long as the zombies don't eat your brains.
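The seven-gate idea, as an added toy model that is not Lockheed-Martin's code: the stage names follow Lockheed Martin's published Cyber Kill Chain, while the controls, technique labels and campaigns are constructed sample data. It also plays out the escalation described earlier in the piece, with each campaign swapping only the technique that was blocked last time, so a gate with no control at all is where a persistent adversary eventually walks through.

```python
from dataclasses import dataclass, field

# The seven gates, in the order the adversary has to pass them.
STAGES = ("reconnaissance", "weaponization", "delivery", "exploitation",
          "installation", "command_and_control", "actions_on_objectives")


@dataclass
class Defense:
    # control name -> set of (stage, technique) pairs that control stops
    controls: dict = field(default_factory=dict)

    def blocking_control(self, stage, technique):
        """First control that stops this technique at this stage, or None."""
        for name, coverage in self.controls.items():
            if (stage, technique) in coverage:
                return name
        return None

    def uncovered_stages(self):
        """Gates with no control at all: nothing stops the adversary there."""
        covered = {stage for cov in self.controls.values() for stage, _ in cov}
        return [s for s in STAGES if s not in covered]


def run_campaign(defense, techniques):
    """Walk the chain in order. Returns (deepest stage reached, control that
    stopped it); the control is None only when all seven gates were passed."""
    for stage in STAGES:
        control = defense.blocking_control(stage, techniques[stage])
        if control is not None:
            return stage, control
    return STAGES[-1], None


# Constructed sample defense: a single control at three of the seven gates.
SAMPLE_DEFENSE = Defense({
    "mail_gateway": {("delivery", "phishing_attachment")},
    "app_allowlist": {("installation", "unsigned_binary")},
    "egress_proxy": {("command_and_control", "http_beacon")},
})

# Constructed campaigns against the same goal; each one swaps only the
# technique that was blocked last time (the "stepping it up" in the text).
BASE = {"reconnaissance": "osint", "weaponization": "doc_macro",
        "delivery": "phishing_attachment", "exploitation": "macro_exec",
        "installation": "unsigned_binary", "command_and_control": "http_beacon",
        "actions_on_objectives": "exfil_documents"}
CAMPAIGNS = [BASE, {**BASE, "delivery": "watering_hole"},
             {**BASE, "delivery": "watering_hole", "installation": "signed_binary",
              "command_and_control": "dns_tunnel"}]
```

The third campaign reaches its objective because four of the seven gates have no control, which is the practical reading of "block them at any one of those stages": every gate needs at least one control before the chain is a defense rather than a speed bump.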