I first saw this on funsec security discussion list:
Dwarves zipped in
suitcases steal from Swedes
The gist of the story is it appears gangs are putting dwarves in luggage on long-distance coaches. The dwarves are then able to roam the baggage holds and steal at will.
What does this tell us about security? Quite simply, when we think we've got all the angles covered, the attackers will come up with a new way to beat our systems. That's why security is always an evolving process. This goes in lock step with a weblog post from F-Secure which talks about using more and more automation to keep up with malware. The volume of malware seen is increasing and security companies are having to use more efficient methods to keep up.
Given that attackers are going to continue to innovate new attack methods, as Directory Services MVP Joe Richards has pointed out, we've got to be familiar with our systems when everything is running correctly. The best way to do that is to get used to observing our systems when everything is fine. When an anamoly does come up, we'll see it and investigate further. The majority of the time it's not likely going to be related to an attack. But because we are practiced at seeing what things are when the system is right, we'll still catch the anamoly, attack or not. And if it is an attack, we'll likely be responding faster than if we didn't take the time to learn our systems. And if it isn't, it may be a problem we need to respond to. The sooner we're able to respond, the more likely we'll keep things from getting out of hand. This has a bottom line impact on system availability