Narrowboat Nightmares Continued: How Threat Intelligence Could Have Saved Me Thousands


Armadillo, 4 Feb, 2019

So here’s another fun story around my narrowboat nightmares. If you didn’t catch the last one, I would recommend giving it a read here. This time my streak of bad luck on my floating home continues and becomes strangely relatable to threat intelligence. But not threat intelligence as most people see it, when it’s too late; rather pre-emptive threat intelligence, the kind that could have saved me much pain and money from this experience.

To lay the scene, my old BMC engine had ‘thrown a rod’; that’s engineer speak for smashing the crap out of itself. A piston had lost its bearing, smashing the engine to death from the inside out. Obviously, I needed a new one to function in my canal environment to power my boat and re-water/re-fuel; I had to begin the dreaded journey of finding a supplier for a huge project.

I’d been approached by somebody that seemed too good to be true (in hindsight, a major red flag!). For weeks my girlfriend and I had been looking for the correct supplier that didn’t break the bank (for those who don’t know, very few legitimate engineers exist on the canals that can deal with old BMC engines that are now 60+ years old). Then, out of nowhere, arrived what seemed like a white knight. He came straight to us and provided a good, fast service. He also had a yard (like a car garage, but on water) to store our boat while he fixed it so we wouldn’t be homeless during the work. Best of all, the cost was a steal compared to others!

However, the saying’s true: you get what you pay for. To my horror, the scene below awaited me when I returned. We were towed to a skip with what I can only describe as a breeding ground for tetanus, and they had taken my old BMC engine. Decent threat intelligence could’ve forewarned me that this attack was likely: fake engineers exist on the water and, like hackers, they wait for their moment then strike, stealing credentials, data and in my case… an engine. I could have seen the threat for what it was before allowing it access to my home and infrastructure. Just like stolen harvested credentials of an engineer, I allowed him access to my infrastructure.

Narrowboat on a canal covered in debris.

Worse still, I had no threat intelligence to explain where the engineer had taken my engine. Had he sold it? Or simply hidden it away to use as leverage over me? In my situation I would love to have known this; I could’ve taken my property back and run. The best threat intel seeks the darker web for dangers and acts as a spy in the enemy camp, warning you of locations and plans of hackers. I would’ve killed for that ability at the time, as would many who have had data leaked.

This continued for months; I was left helpless while this engineer didn’t respond to my emails or calls. I refused to pay for anything further until I was given my engine back; after all, if you pay your kidnapper, you only make them professionals. This move had consequences: the engineer gathered his workers to intimidate, trying to damage my name, saying I was guilty of not paying the thief for more ‘work’ to be done. It was similar to hacktivists coming to damage my brand and property. It didn’t feel safe; I’m lucky my defences of barred windows stopped the easiest entry point for them (windows tend to be the chosen point of entry when narrowboats are broken into). Others’ security structures just can’t stand this attack. I had no way to monitor these actions or to know how best to mitigate them; I got lucky.

And then, I got luckier… the engineer gave in after many discussions and my threats to get the police involved; unlike so many others, I got the engine back. However, I now had to pull the wreckage of my home, my name and my brand out of this mess. Down on time, money and pride, I had to drag my boat out of there, in the dark, which took 2 hours.

Soon after leaving the ‘yard’ I found out that the supposed white knight had also scammed dozens of other boaters and been taken to court for slavery the year before. Even if I struggled for the period I did, I’m grateful that I got out before worse happened. Yet that simple bit of threat intelligence could have saved me so much time, money and pain. Many, like me, believe their current security can save them from an advanced attack. I learnt a lot from this experience. We are guilty of being incredibly reactive creatures: once breached, the company may get more funding to compensate and live to fight another day, but many don’t. 60% of smaller companies go into bankruptcy post breach. The stakes are higher than ever; we can no longer afford to be reactionary, but must endeavour to be preventative.

Here at Armadillo we work closely with our customers to detect and mitigate threats, utilising real threat intelligence technology such as Blueliv. Blueliv detects and retrieves stolen credentials, acting as a spy satellite, so you can be informed about future attacks and plan your strategy based on proven security software. Learn from my mistakes: be ahead of the danger, ready when they come for your data, brand and eventually your business. Talk to us today about what security is best suited to your needs.

 

Written by: Ryan Short, Internal Junior Account Manager at Armadillo.