In the field of cybersecurity, some words that started off as outright jargon are now in common use because they are just so meaningfully appropriate.
The word RAT, short for Remote Access Trojan, is a good example.
A RAT is a malware program that is specifically designed to open up a hidden backdoor on your computer so that crooks can get back in later – like a window that’s surreptitiously unlatched by a sneaky visitor so an accomplice can break in at night and make off with your valuables.
Sometimes, the data targeted by a RAT is sleazy – as in the the case in which Miss Teen USA and 150 other young women were photographed covertly by a creep using a RAT to control their webcams.
And sometimes the purpose is plain avarice – as in so-called banking RATs that give crooks access to bank accounts or cash machines from an insider position.
RATs aren’t just a Windows problem, either, because RATs are both possible and known on platforms such as macOS and Linux, too.
But the “cash machine RAT” in this story is literal, rather than figurative; a rodentine fact rather than a metaphor.
A bank in India, faced with an ATM that wouldn’t dispense money despite apparently still containing plenty of cash…
…was opened up to reveal a dead rat, together with more than 1.2 million rupees (about $17,500) of munched-up banknotes.
As you can imagine, chewed up banknotes make safe and comfortable bedding for the average rodent, and even have modest nutritional value, but they don’t contain much water.
So, despite having access to considerable wealth in human terms, this poor rat didn’t stand a chance after squeezing in through the access hole for the ATM’s network cables and finding it couldn’t get back out.
We’ve written about animal crackers before, with network outages and cybersecurity woes caused by a range of creatures including squirrels, eagles, baboons, wombats and even the super-cool squirrel glider.
What to do?
This story makes the humble rat into yet another cybersecurity metaphor.
The doomed rat in this case was able to get in, but perished because it couldn’t get back out again – a reminder that computer security is as much as about keeping the good stuff in as it is about keeping the bad stuff out.
Firstly, “good stuff” can escape by accident as well as by design, meaning that you need to take steps to stop it being exposed even in a world without cybercriminals.
Secondly, it’s simply not possible, in theory or in practice, to keep the bad guys out all the time, meaning that you should take steps to limit the harm that cybercrooks can do even after they think they’ve bypassed your security.