Harry Potter and the Sorcerer’s Stone from a Cyber Security Perspective (Part 2)

ThreeHeadedBeastSecurity
Nov 5, 2022


Welcome to part 2 of the series :)

If you missed part 1, feel free to read it here!

Scoping an Engagement

Quidditch Training

Scoping an engagement means deciding which systems are acceptable to target and confirming the time frame of testing as well as the methods used. It is essential to verify scope prior to starting an engagement.

Similarly, in the sport of Quidditch, each position has a scope. For instance, the Seeker’s job is to capture the Golden Snitch. If a team’s Seeker manages to capture the Golden Snitch, their team wins and the game ends. Other tasks, such as capturing the Quaffle or stopping goals, are outside the scope of the Seeker.

Authentication and Authorization

Gryffindor Lady

Authentication is verifying the identity of an individual. Authorization determines the access rights of that individual.

Here the Gryffindor Lady asks every student for a password (authentication) before authorizing them to enter the Gryffindor tower.

Indicators of Compromise

Mr. Filch and an IoC

An Indicator of Compromise (IoC) is forensic evidence that shows that a breach has occurred.

In this scene, Mr. Filch has discovered a broken lantern in the restricted section. It is an IoC showing that someone breached the perimeter and was in that section.

Evading Antivirus/Evading Detection

Harry and the Invisibility cloak

Evading antivirus is an essential step in persistence and avoiding detection.

The analogy here is that the Cloak of Invisibility protects the person wearing it from threats by rendering them invisible.

Defense in Depth/Layered Security

Fluffy

Defense in depth is a method of using layered security defenses and controls to protect against possible threats.

Defense in Depth/Layered Security for the Sorcerer’s Stone

In the movie, the Sorcerer’s Stone is protected by multiple layers of security. These start with restricting access, then a three-headed beast (Fluffy), followed by a trap door that leads to the Devil’s Snare plant. If a threat actor is able to bypass all these security layers, they have to capture a flying key, play and win a Wizard’s Chess game, and then look into the Mirror of Erised and bypass it.
