Vladimir bless!
A good read, opposite to CNN etc
If you're completely out of the loop: I tried to explain the basic picture of the connection between Russian intelligence agencies and advanced persistent threats in another thread. Fancy Bear would be such a group and is one of the two groups which was more or less found responsible for the DNC breach.
I'm a hardcore hater of the Democrats and I think it's pathetic how the media spins together a 'hacked by the Russians' narrative that often makes it sound as if Russians hacked voting machines and gave some votes to Trump if you only read the headlines or Democrats' comments on the issue.
But as a professional security engineer, my honest opinion is that I don't doubt that they were able to link the DNC hack to some 'Russian group'.
Some of the independent companies are highly respected and if they come to the same conclusion as intelligence agencies and law enforcement agencies, I just don't see a rational argument why I wouldn't believe them. Of course, you probably can 'buy' anybody but the risks would be higher than the rewards.
It's just important to keep in mind to look at it from the right angle and understand what they do or don't know.
The attacks were linked to so-called "advanced persistent threats" located in Russia, organized groups capable of professional and targeted attacks at high-priority targets, and those specific groups involved in the DNC hack are typically "associated" with Russian intelligence agencies, which means they are 'likely' sponsored and called into action by Russian agencies.
Those are conclusions based on strong technical indicators, their modus operandi, their targets, their capabilities etc.
But that's still not like in a movie where they find an IP address in the logs, enter it in some search engine and say "Oh it's the Kremlin" or "we identified Victor Gorchow, he works for the KGB!". It's also not necessarily a fact that every advanced persistent threat works exclusively for a specific intelligence agency. So I don't doubt their findings linking (I believe two of) those groups to the DNC breach, but that's just not the same as what most people have in mind when they read or write "the Russians hacked our election!"
I should add that I'm not a penetration tester but audit software, and that I didn't actually spend a lot of time reading through the facts, but I feel a lot of people just miss any perspective on what we're even talking about with those Russian hacks.
Now their signature was found on compromised devices of Ukraine's military.
http://www.darkreading.com/threat-i...und-tracking-ukraine-military/d/d-id/1327778?
A quite interesting read.