Jiu Jitsu vs InfoSec: Attack from Defense
This is part of a series comparing Jiu Jitsu with InfoSec.
In BJJ, it’s possible, and even probable, that a blue belt in a street fight can submit and subdue their attacker from a position that the attacker and any onlooker unfamiliar with BJJ may think is unfavorable. YouTube is full of videos, especially from the early days of the Gracie family competing in the U.S., that show exactly this — a fighter trained in another martial art winds up on the ground, where they are not trained, but on top of the BJJ player, who then submits them. An opponent mounted on top of a trained BJJ practitioner, lulled into a false sense of security, can be choked out.
In InfoSec, defense can attack and win from what appears to be an unfavorable position. And no, this doesn’t have anything to do with the “hack back” laws (the attribution problem would take pages and pages to discuss properly). Some recent examples: researchers reverse engineered the Mirai botnet code, discovered a vulnerability, and exploited it to shut down the botnet; a malware analyst discovered that registering a DNS domain name would cause a worm to end execution; cryptanalysts found flaws in ransomware cryptography and derived decryption keys for victims so they wouldn’t have to pay the ransom; organizations have deployed subtle “canaries” (named for the canary in the coal mine: when it stopped singing, that was a sign of a ventilation problem and that miners should react immediately) or “honeypots” that tip off defenders to the presence of attackers; and defenders have allowed infected computers to continue operating so that they could learn more about their attackers and ultimately trace back the main entry point. In each of these cases, InfoSec defense went on the offense to achieve a security outcome.
The untrained eye might perceive you are in a bad position — find a way to exploit that position to your benefit. Better still: prepare for it through training.
Read more: Jiu Jitsu vs InfoSec: Positional Sparring
