Security
Anti-fragile IT that responds to the unpredictable

Exceptionality as a rule
The Covid-19 pandemic, the commodities crisis, the war in Ukraine: until recently we would have thought all these events unlikely. They are what Nassim Nicholas Taleb called
Most classic crisis management strategies were designed to respond to the worst event that ever happened. But even the exceptional events of the past were unexpected when they happened.
It is here that the approach taken so far shows its weaknesses: it is not enough to build plans to respond to anticipated adversity; it is necessary to broaden one’s vision and prepare to act even in situations that cannot yet be predicted.
This requires reversing the philosophy on which traditional crisis prevention strategies are based. It is no longer a matter of just being robust and resilient, enhancing one’s ability to resist and respond to difficulties, but of seizing the opportunities of the new arrangement and adapting to change.
The storm as an opportunity
The classical approach, based on forecasts built on an outdated history, leaves us fragile. Fragile mainly because
It is a matter of overturning piece by piece the whole semantics of fragility, which envisions a tendency to weaken and collapse after a certain limit is crossed, and building with anti-fragility a scenario in which crossing that limit triggers a strengthening effect, as if paradoxically a piece of glass instead of breaking on impact becomes stronger.
Anti-fragility is the ability to take advantage of uncertain and unpredictable situations. It is not a universal quality but depends on specific circumstances. It is therefore crucial to identify the scenarios in which this is present. This approach requires a decisive change in attitude: on the one hand, a greater propensity for reflection and evaluation, to look at change from a different point of view; on the other hand, a greater tolerance of risk, an acceptance of uncertainty and the inability to foresee every possible adverse event.
Applying anti-fragility to the IT world
Anti-fragility is a real philosophy. Because of this it can be used in multiple contexts, from everyday life to business cases, and indeed it is desirable to do so. One example is its application to the IT world, particularly the cybersecurity arena.
As a rule, cybersecurity strategies are based on building defenses high enough to ward off successful cyber-attacks. Today, however, we know that this cannot be enough: it is necessary to think primarily about how to act in case attacks succeed.
A concrete example is the approach developed to counter crypto-lockers, a form of ransomware that encrypts a victim’s data and demands payment of a ransom to decrypt it. Crypto-lockers have undermined the mechanisms that several companies rely on to recover from attacks, mechanisms that exploit the similarity between copies to save disk space. This kind of ransomware works very effectively against traditional data protection systems, because it completely scrambles the written information and forces the protection mechanisms to occupy more space. As a cascade effect, the standard rules of the system, which aim to optimize the available space, trigger the deletion of all clean copies to make way for the most recent one, that is, the compromised one, which, being completely different from the others, gains nothing from the optimization heuristics and is extremely heavy. The only copy that remains available is then the one encrypted by the attackers, which is consequently inaccessible.
In addition, systems designed not to be compromised leave maximum freedom to those who do manage to penetrate them; obtaining administrator privileges in an environment managed with traditional logic therefore means being able to cause a long series of additional events designed to compromise recovery mechanisms.
This is where the philosophy of anti-fragility comes in. Reasoning according to this new approach has resulted in a mechanism for countering crypto-lockers whose effectiveness increases by design. The rationale here is to start with the attack scenario in order to build increasingly effective responses, not to prevent attacks from occurring. For this reason, the solutions identified can be different, and it is possible to continue to build new ones. One of the identified responses, for example, requires that copies be unalterable for a specified amount of time. The administrator should also not be able to change this setting. In the event of an attack, the increase in the size of the encrypted data will quickly saturate the available space, effectively freezing the operation of the system itself and, consequently, its breach. At the same time, clean copies, since they are unalterable, will be preserved and their recovery will always remain possible. The abnormal saturation of the various systems and their subsequent freezing will, moreover, become an additional symptom to alert traditional Security Operation Centers (SOCs) of impending or ongoing attacks: a collective benefit to protect the entire IT community, which can thus be pre-alerted of possible new cyber risks.
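The retention behaviour described in the two preceding paragraphs, as an added example that is not part of the original article or any vendor's code: a toy deduplicating backup store in Python, run once with space-driven pruning and once with a retention lock. The block model, sizes and the run and clean_copies helpers are assumptions made for this illustration.

```python
# Added illustration: toy deduplicating backup store (all names and sizes assumed).

def unique_blocks(snapshots):
    """Deduplicated footprint: a block shared by several copies is stored once."""
    return len(set().union(*(blocks for _, blocks in snapshots)))

def run(days, capacity, lock_days, encrypt_on, size=100, churn=2):
    """Simulate daily backups; return (retained snapshots, days the store saturated).

    lock_days=0 models the traditional space-optimizing policy; lock_days>0 models
    copies that stay unalterable for that many days. In a real system the lock is
    enforced by the storage itself, so an administrator cannot shorten it.
    """
    data = {f"b{i}" for i in range(size)}       # constructed sample data set
    snapshots, alerts = [], []                  # snapshots: list of (day, blocks)
    for day in range(1, days + 1):
        if day == encrypt_on:
            # Ransomware rewrites everything: no block matches any earlier copy.
            data = {f"enc{i}" for i in range(size)}
        else:
            # Normal day: only a few blocks change, so copies stay similar.
            changed = sorted(data)[:churn]
            data = (data - set(changed)) | {f"d{day}_{i}" for i in range(churn)}
        candidate = snapshots + [(day, frozenset(data))]
        # Make room by deleting the oldest copies, never one still under lock.
        while unique_blocks(candidate) > capacity and len(candidate) > 1:
            if day - candidate[0][0] < lock_days:
                break
            candidate.pop(0)
        if unique_blocks(candidate) > capacity:
            alerts.append(day)     # saturated: new copy refused, old copies kept
        else:
            snapshots = candidate
    return snapshots, alerts

def clean_copies(snapshots):
    """Days whose retained copy contains no ransomware-written block."""
    return [d for d, blocks in snapshots
            if not any(b.startswith("enc") for b in blocks)]

if __name__ == "__main__":
    for lock in (0, 30):
        snaps, alerts = run(days=10, capacity=150, lock_days=lock, encrypt_on=8)
        print(f"lock_days={lock}: clean={clean_copies(snaps)} saturation={alerts}")
```

With no lock, the encrypted copy of day 8 evicts every clean copy without raising any signal; with the lock, the store saturates on day 8, the seven clean copies survive, and the saturation days are the symptom a SOC can alert on.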
Living the anti-fragility
The answers identified by following an anti-fragile approach are not universal: they may work in a given context and not be applicable to another. Change does not open up the same opportunities for every company: investments in anti-fragile strategies and technologies must take these differences into account.
It takes expertise, know-how, and experience to successfully apply the anti-fragile philosophy to your own business or to propose it to your customers. deda tech has anti-fragility in its DNA, from the approach we take toward vendors (agnostic, albeit sustained by a relationship of continuous exchange and comparison) to our predilection for multi-cloud. The strategies and solutions we propose to our customers vary according to their characteristics and needs and are developed to enable them to best respond to change and maximize their opportunities. IT, for our clients, should not be an object of concern, but a versatile and reliable tool that supports their growth path.