BOSTON (AP) — Some of America’s most deeply held secrets may have been stolen in a disciplined, monthslong operation being blamed on elite Russian government hackers. The possibilities of what...
Of course. At this point it is almost cartoonish always blaming the Russians, like do they have a monopoly on hackers or why is it necessarily them?
Hackers infiltrated government agencies by piggybacking malicious code on commercial network management software from SolarWinds, a Texas company, beginning in March.
Critical support for insecure software like this from SolarWinds I guess
The SolarWinds campaign highlights the lack of mandatory minimum security rules for commercial software used on federal computer networks. Zoom videoconferencing software is another example. It was approved for use on federal computer networks last year, yet security experts discovered various vulnerabilities exploitable by hackers — after federal workers sent home by the pandemic began using it.
This is what happens when government says fuck opsec, it finds out.
The reason you hear about russians doing all this stuff is because 1) they have a great state hacking infrastructure, and put it to use effectively 2) the US does have the same sort of capabilities but is generally not using it for releasing information to the public like most of the russian goals 3) other state actor hacking groups have fundamentally different targets where even if a breach is found nobody makes a public statement about it, ie China using state groups for industrial, space, and nuclear trade secrets 4) russian state goals often include doing things in the US news cycle for whatever reason so that means you can figure out not only that it happened but who did it (because most of these groups including america have very obvious fingerprints on their attacks whenever stuff gets released or attacks become public)
it's basically all down to russia being the only one doing this stuff with the intention of leaking their findings publicly, most other state actors do this stuff to get secret information and keep it to themselves.
I am kinda confused about what russia sees as the goal, obviously at least part of it is just getting back at the american military industrial complex and making the US look like a bunch of bumbling idiots, but I don't think they really needed to do anything to get that.
Of course. At this point it is almost cartoonish always blaming the Russians, like do they have a monopoly on hackers or why is it necessarily them?
Critical support for insecure software like this from SolarWinds I guess
This is what happens when government says fuck opsec, it finds out.
The reason you hear about russians doing all this stuff is because 1) they have a great state hacking infrastructure, and put it to use effectively 2) the US does have the same sort of capabilities but is generally not using it for releasing information to the public like most of the russian goals 3) other state actor hacking groups have fundamentally different targets where even if a breach is found nobody makes a public statement about it, ie China using state groups for industrial, space, and nuclear trade secrets 4) russian state goals often include doing things in the US news cycle for whatever reason so that means you can figure out not only that it happened but who did it (because most of these groups including america have very obvious fingerprints on their attacks whenever stuff gets released or attacks become public)
it's basically all down to russia being the only one doing this stuff with the intention of leaking their findings publicly, most other state actors do this stuff to get secret information and keep it to themselves.
I am kinda confused about what russia sees as the goal, obviously at least part of it is just getting back at the american military industrial complex and making the US look like a bunch of bumbling idiots, but I don't think they really needed to do anything to get that.