We attended the RSA Conference in San Francisco this week. There are two giant convention halls filled with the latest in information security. In addition to the in-booth presentations, there are continuous presentations and panels discussing security. Jeh Johnson, the Secretary of the Department of Homeland Security, was a keynote speaker. Yet, in this sea of the new, the most interesting thing was something patented almost a century ago. In the NSA’s booth (yes, that NSA) was this:

Enigma

A wooden box about the size of a toaster oven: an Enigma machine. The Enigma machine was patented in 1919. The Germans knew that their messages were being read. Starting in 1926, the Germans adopted the Enigma machine to prevent the reading of their messages. Observing the unreadable messages, the forces in opposition to the Germans took steps to break the Enigma codes. Thus began a cat and mouse game in which the Germans made improvements in the Enigma machine and the Allies defeated the improvements. In February of 1942, the Germans deployed a vastly improved version of the Enigma machine. The improved Enigma machine was overcome by the Allies in December of 1942, thanks in large part to operator errors and poor security practices by the Nazis. The reason that the Enigma machine is important is not its technology, but its lesson. That lesson is the important cybersecurity maxim of Dr. Frederick Chang, former NSA Director of Research:

… cybersecurity is fundamentally about an adversarial engagement.

Just as the Nazis evolved the Enigma machine to try to stay ahead of the Allies, APT actors evolve their methods over time to stay ahead of cyber defenses.