Illusive Blog August 25, 2021

What Can Cybersecurity Learn from Super Mario Bros.?

By Nir Greenberg

When your castle is under attack, deception can protect what matters most.

Super Mario Bros. is one of the most iconic games in the world, but just in case you’ve never played (or it has been years since you have), allow me to give you a quick overview. Mario, a heroic plumber, is tasked with rescuing a princess, who has been kidnapped by Bowser, a villainous dragon.

As Mario makes his way through eight increasingly difficult worlds, each of them is protected by a castle. And as Mario reaches the end of each castle, he has the opportunity to defeat Bowser. Only after defeating Bowser does Mario learn that it wasn’t the real Bowser after all and that “our princess is in another castle.”

Not Even Mario Could Defeat Illusive

It isn’t much of a stretch to compare protecting a princess in a castle to protecting the crown jewels of an organization: its valuable data. And although Mario is a protagonist, he also has a lot in common with any persistent cyber attacker: he knows what he wants, he will stop at nothing to get it, and he will use any resources available to get there. For example, there are a few “Warp Zones” that enable Mario to skip entire sections of the game, just like exposed access credentials enable cyber attackers to gain entry into a network.

At first glance, it may seem like Bowser has deployed very traditional defenses. Building castles seems similar to the concept of the network perimeter, protected by the traditional network firewall. But in reality, Bowser has deployed a sort of advanced threat protection by sending Mario on a wild goose chase across empty castles with decoy bosses.

Don’t Let Ransomware into Your Castle

When it comes to ransomware and other advanced persistent threats, lateral attack movement is the name of the game. Once an attacker has established a beachhead in an organization, perhaps through exposed access credentials, they will continue to pivot and move laterally across the organization, taking admin control along the way and stealing valuable data – like Mario moving around the world map.

Traditional network security solutions, such as firewalls, are not effective at detecting this sort of lateral attack movement. Many forms of access control and endpoint protection, such as EDR, are nothing more than a checkpoint that provides unfettered access once defeated – like Mario raising a flag after beating a level.

Instead, Illusive is providing advanced threat protection that can prevent lateral attack movement. In fact, Illusive can discover and remove exposed access credentials and pathways entirely. Organizations can realize the benefits of Zero Trust security with zero false positives. Deception-based detection is deterministic – if Illusive triggers an alert it requires a response. Period.

Not to mention, attackers will waste valuable time interacting with Illusive’s fake identities, credentials and connections. Imagine if Bowser could send Mario back to the first level through a “Warp Zone”: it would be game over for Mario. With Illusive, it’s game over for attackers.

Get the “1-Up” on Cyber Attacks with Illusive

Speaking of game over, if you have liked this discussion of how Super Mario Bros. is related to cybersecurity, then you are going to love Illusive’s new “Sim Hacker” game.

Play it during your next coffee break to see how attacks move across an organization and try to take the crown jewels from Illusive (or show it to a colleague to help them understand the scope of the problem you’re facing). Do you think you have what it takes to get the high score? Or will you wind up like more than 130 penetration-testing red teams… defeated by Illusive?

Nir Greenberg is Senior Director of Field Engineering at Illusive