back to article Whose line of attack is it anyway? Cyber-assault whodunnits harder than ever to solve

Government-backed spies and hackers are increasingly using commercially available malware – thanks to a flourishing market of off-the-shelf software nasties – making it harder for researchers to identify who exactly is behind a cyber-attack. Traditionally, infosec bods have sought to pinpoint and unmask hacking crews by …

  1. Anonymous Coward
    Anonymous Coward

    Interesting summary on the China Chip controversy

    Amazon, Apple, China all deny it officially. But of course 'they would say that wouldn't they'. More damaging than potential Spectre related hacks especially to Amazon, but also to Apple as it has juicy info on users etc.

    https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-inside-the-bag-of-tech-tricks-used-by-china-spies

    1. Anonymous Coward
      Anonymous Coward

      Re: Interesting summary on the China Chip controversy

      Of course they had to deny it ... the implication is that everything on AWS has been compromised.

      Basically, when you setup this sort of access, you do it in a way that allows you to turn it on when you need access and you make it invisible when you are not using it ... so when the customer tests the system it has a clean emissions profile and it stays that way until it's turned on. After it's been running for a while and the system appears to be in use, it turns on quietly and waits for a wake up packet.

  2. Anonymous Coward
    Anonymous Coward

    They should have said it was the GRU, and everybody would've enthusiastically and unequivocally acknowledged it (except the Russians, of course).

    1. Anonymous Coward
      Anonymous Coward

      (except the Russians, of course).

      Who would claim instead that in fact they were only trying to visit the website of St John's-on-the-Wold, but were discouraged by all the "under construction" icons, and the lack of suitably timed choir practices, and thus - on their way back to google.ru - inadvertently visited some banking servers?

      :-)

    2. Grikath

      Here's the thing... Nowadays "Hacking" has two distinct levels: script kiddies, and " they're digging where?!! "

      Now I'm a 100% believer in the levels of autism and OCD ( besides , y'know, actual aptitude and knowledge) you need to actually find deeply buried flaws. But you're not going to tell me that people that can and find and utilise these holes and work for a "state actor" leave enough footprint to identify someone easily.

      Easy to point at NORK or Russia. Any of the 5 Eyes is, of course, completely innocent, would not dare, the sheer thought, etc..

  3. Version 1.0 Silver badge

    "They set up a backdoor, and all you see for the next 18 months is someone checking the back door a couple times a month, then suddenly they moved in and got data,"

    Has anyone checked the dark web for a "For Sale" post? It sounds like someone got access and then started hawking it and finally found a buyer.

  4. Anonymous Coward
    Anonymous Coward

    from the Register today

    "Whose line of attack is it anyway? Cyber-assault whodunnits harder than ever to solve

    Sophisticated groups not always so easy to pick out"

    such a true headline/article yet we get the exact opposite "UK pins 'reckless campaign of cyber attacks' on Russian military intelligence"

    now "pins" gets a bit wooly as it became "almost certainly" when reported by BBC R1,2,3,4 TV today, every twenty minutes, all fugging day long

    sort of "squirrel" shouting, again.... now whataabout SUPERMICRO's reboot of the NSA's https://upload.wikimedia.org/wikipedia/commons/6/60/NSA_TRINITY.jpg ANT bug?

    1. FrogsAndChips Silver badge

      Surely you're able to tell the difference between "our servers were attacked by this widely available toolkit, so we have no idea who's behind it" and "Dutch police find 4 Russian guys with diplomatic passports, in a Lada with WiFi antennas directed at the Organisation for the Prohibition of Chemical Weapons headquarters"?

  5. DCFusor

    Heh

    This commentard has been taking UMBRAGE at many of these "our enemy for the current agenda did this" attributions for quite some time. Nice to hear some of the "pros" are catching up with the obvious. Having spend some time doing tech in government (sorry, I did quit as soon as I figured things out) - believe me the idea that something clever could only be done by a state sponsored actor is ludicrous.

    Funny, they didn't bother to deny the UMBRAGE program - or any of the other leaked ones...

    Or Snowden's leaks, or Assange's, or those nasty emails...as if who hacked who was more important than the content that all agree was factual...wow. They are selling the idea that it's the fault of the messenger and people buy that?

    Or that agencies that lie for a living are telling the truth just this once; laughable.

    There are no such things as false flags...oh wait a minute...

    They're probably not telling a lie when they say they're protecting the government..parsed carefully, what does that mean about protecting you?

    Luckily, like the cops and robbers where I live - both are low IQ range and mostly bother one another and leave we alright people alone.

    1. amanfromMars 1 Silver badge

      Re: Heh

      Defending the indefensible and despicable, the corrupt and perverted, always has one battling and failing against greater intelligence forces and sources revealing resources that are utilised and led by arrogant fools and ignorant tools, DCFusor.

      Pleased to hear you figured that out and have moved on to other things. Worlds are a more interesting and engaging space then with the stubbornly moronic left wallowing and floundering in past fast degrading acts rather than flying high in future exciting adventures on TitanICQ AIMissions? :-)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like