Posted on May 10, 2019
House Tyrell of Highgarden, whose sigil of a rose, stood as a loyalty-shifting ally rather than a ruling house seeking the Iron Throne. The rose, whose beauty belies the dangerous thorns underneath, aptly describes House Tyrell. Hiding behind a veneer of gentility, the Tyrells often proved themselves a foe to be feared. Similarly, unpatched software and outdated browsers appear to be business enablement allies until they become security foes.
Browser plugins can be both useful and dangerous. Examples of plugins include Adobe Flash Player, Java SE, Microsoft Silverlight, password managers, and popup blockers. A plugin allows the browser to support third-party applications. For example, a password manager plugin enables stronger password hygiene since the user does not need to remember multiple passwords. However, cybercriminals often choose to exploit vulnerabilities in these plugins, particularly Adobe Flash Player. While many browsers can automatically update, not all users realize that the updates require closing out the browser and restarting it. Thus, the seemingly innocent and useful software becomes a threat.
Ser Loras Tyrell similarly acts as an innocent throughout The Game of Thrones. As Renly Baratheon’s lover, he supports the Baratheon claim to the Iron Throne. As such, he helps Renly raise an army to outnumber the Lannisters. Unfortunately, Loras becomes a pawn used by the Lannisters to undermine house Tyrell. Cersei Lannister uses the Faith of the Seven to arrest Loras in an attempt to gain the Iron Throne. She uses Loras as a political pawn, undermining his sister Margarey’s marriage to Tommen Lannister.
Similarly to how Cersei uses the innocent Loras to gain power, cybercriminals use innocent looking plugins to gain entrance to networks.
Spyware, often called Adware, is software that allows pop-up ads to appear when a user searches the internet. Pop-up windows, such as the ones asking users to subscribe to newsletters, can be innocent or dangerous. Generated by scripting or active content, the windows collect data based on browser user. In some cases, the cookies, or script that track user interaction with a website, can also be considered spyware.
Margaery Tyrell, sister of Loras, marries Renly Baratheon to solidify the alliance between the two houses, fully aware of her brother’s relationship with her husband. After Renly’s death, she flees her husband’s camp and heads to King’s Landing where Loras betroths her to Cersei’s son, Joffrey. Secretly, however, Margaery seeks the Iron Throne for herself. Margaery infiltrates the Lannister home, working quietly in the background to undermine her new family.
Similar to the way in which Margaery utilized insider information to infiltrate the Lannisters through marriage while remaining committed to House Tyrell, spyware works in the background of browsers to infiltrate users and obtain sensitive information.
Browser security can lead to vulnerabilities that infiltrate operating systems. As users increasingly use browser-based web applications for work and leisure, cybercriminals evolve their threat methodologies. As recently as March 2019, malicious actors found a previously unknown vulnerability, also called a zero-day vulnerability, that websites could use to install malware on computers, affecting the operating systems. Although most web browsers update automatically, users often ignore update prompts because they have many tabs running and worry about losing access to the data.
Olenna Tyrell, the last of the family, earned the nickname “Queen of Thorns” for her blunt attitude. Although the matriarch and not ruler, Olenna’s power over the Reach is undeniable. In her dealings with the Lannisters, Olenna smartly and subtly engages in King’s Landing politics. Protecting her family lineage, she agrees to marry Loras to Cersei and Margaery to Joffrey. However, she secretly poisons Joffrey to prevent her granddaughter from marrying him. Thus, she sets in motion a series of events that lead to disrupting the Lannister’s plans for gaining the Iron Throne.
Similar to Olenna Tyrell’s political gaming and murder, operating system malware acts as an insidious intruder that can cause business operation failure.
Thus, browser attacks can undermine data security controls in the same way that the seemingly innocent yet thorny Tyrells undermine the Lannister grab for the Iron Throne.
Follow us next Friday to see who will win or die in the Game of Cybersecurity.
Vendor management is the process an organization utilizes to assess and manage a third- or fourth-party vendor. Learn how SecurityScorecard can help.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
Co-founder and CEO, Alex Yampolskiy, speaks about the importance of measuring and acting on key indicators of cybersecurity risk.
You can’t manage what you can’t measure. Check out our list of the top 20 cybersecurity KPIs to track in 2021.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.