Security Lessons from Nature – Rats, Bamboo and Surprises
There are some plants that bloom several times a year, some that bloom every year and some that bloom every few years. However, there are also a few types of plants that bloom every few decades. This is generally viewed as a fairly big deal, and botanists get all excited and talk to bored people at parties* for hours on end about how special and wonderful it was, and how happy they are to have finally seen such a thing. Unless you’re a botanist, you probably wouldn’t care much.
* At least, at the sorts of parties that over-excitable botanists get invited to.
That is, unless you happened to live in Asia and the plant happened to be bamboo. Unlike the American century plant, of which individual members bloom every few decades and then die, bamboo has learned to do synchronized blooming. Now, as scary as it is when a bunch of people start synchronizing their swimming, it’s far worse when bamboo does it.
Granted, it’s not the bamboo so much as the rats.
When the bamboo blooms, it pollinates and then produces fruits and seeds. Suddenly, there’s a lot of food around and rats appear to devour all the bamboo fruits. In the process they, of course, tend to make more rats. So, for the course of a year or two, there are more and more bamboo fruits which result in more and more rats. This is all well and good until the bamboo suddenly all wise up and think “Wait a minute, what are we doing here? Rats are eating us!” and promptly go back to being placid grasses.
This leaves hundreds of rats, thousands of rats, millions and billions and trillions of rats… and no lovely little bamboo fruits to eat. Being more intelligent than the bamboo (and lacking the “hey, let’s all be grass again” gene), the rats promptly turn around and start eating everything else that they can.
In Mizoram, a state of India, this means eating the people’s crops. It means that the farmers who, for a generation or more have been easily able to feed their families and export enough to make a reasonable living are suddenly transformed into fighters that must defend their livelihood against a rampaging horde of rats. And really, there’s not a lot they can do about it. A farmer may take on a rat and win, but one farmer versus one thousand rats is much less of a sure thing.
Similarly, you may be able to defend your business against an attacker or two, but when those few attackers suddenly become a coordinated attack from thousands to millions of computers, you’re pretty much not going to win.
Distributed Denial Of Service (DDOS) attacks mostly target larger companies, but as bot nets become more affordable, the likelihood of an attack targeting you goes up. We’ll look at this in more detail tomorrow.
For now, just consider the problem facing the farmers Mizoram, and think that we don’t even know what diseases these rats might be carrying.