So many 'cyberspying hackers' about... and most of you are garbage

Cyber-espionage groups are too numerous to count and are often far less skilled than their reputation suggests, according to threat-trackers. Costin Raiu, director of global research at Kaspersky Lab, estimated that anything between 100 and 200 hacking crews operate in China alone. Despite the hype about zero-day attacks, many …

COMMENTS

This topic is closed for new posts.
  1. btrower

    Successful is as successful does

    Saying that successful attacks were not particularly elegant is rather empty. If the attack gets through, it is a powerful and dangerous attack.

    Mike Tyson was not the most elegant boxer, but he won a lot of fights.

    Our systems are extremely porous all around and it is *by design*. Sure, there are *tons* of bugs and errors in judgment there, but the entire infrastructure is in a shambles. Why? Because people with a great deal of control over the system need to be able to track, force their way into systems and disable systems. Making everything truly secure would secure it against them as well.

    Nobody in a position to do anything about security is serious about it, but if they were, DNS would be distributed, we would be on a *successor* to ipv6 already instead of struggling to even get ipv6 adoption, encryption would be the *rule*, not the exception, encryption keys would be measured in Mbits or more instead of Kbits and less, etc.

    We do not even have properly consistent universal PKI.

    My browser would not rely on a set of root certificates issued by untrustworthy entities that include, it would seem after NSA revelations, attackers.

    etc.

  2. Anonymous Coward

    "Lots of attacks are successful but not advanced,"

    Why should that surprise anyone? Where the goal of the intruder is to grab specific files or hijack a twitter feed, then keep it as simple as possible. Hold back the sneaky for when you need it.

    1. Anonymous Coward

      Exactly - why unwrap the nukes when you can get the same results with a custard pie?

  3. MissingSecurity
    Meh

    Seems like poor security...

    I don't quite understand how they can equate using the least amount of effort for achieving the same goal as being crap. I don't doubt many tools have made "hacking" less skill based but really I don't know why you'd go through the effort to drop zero days when you can simply type admin:irsmart (yes, taken from experience) at the login window.

    I guess it's kind of obvious that with more groups hacking only a select few are going to be real threats to major corporations and governments, but if they are crap hackers by proxy there are a lot of crap security boffins which couldn't "secure" the network against what they are essentially calling script kiddies.

    And if they are crap hackers how in the hell do they have zero days? If they are capable of producing zero days I'd say there is at least some talent on board. Maybe I'm overthinking this...

    1. Swarthy
      Joke

      Re: Seems like poor security...

      Great, now I need to change my password! I haven't had to do that since SpaceBalls told everyone the combination to my luggage.

  4. Tanuki
    Devil

    Channeling the spirit of Donald Rumsfeld: there are unrecognised unsuccessful attacks, recognised unsuccessful attacks, unrecognised successful attacks and recognised successful attacks.

    Of course, you only ever have any kind of metrics for [2] and [4], whereas it's really [1] and [3] you need to concern yourself the most about.

  5. Fehu
    Pint

    PR for your honey pot?

    The only ones that will fall for that are the really dumb ones. Which sort of proves your original point. Like a prof once said, "What we measure, we increase. So, be careful what you measure."

    Brewskies 'cause it's always appropriate.

  6. jason 7

    Would I be right in thinking....

    ...some of the basic ground rules for hacking these days would be -

    Don't do it from your own home.

    Don't do it on a machine you use for anything but hacking.

    Don't use your own credit card...

    Don't let them know you've been.

    Don't keep going back.

    Don't leave sarcastic/nasty comments behind that just make you sound like a vindictive d*ck to a jury.

    I just see so many cases on the news that don't appear to have thought through what and how they are doing it.

    Best rule is probably not bother in the first place.

  7. Anonymous Coward

    There is good news however

    A prison cell awaits every hacker.

    1. M Gale

      Re: There is good news however

      Or a medal. Depends on which three letter agency you're hacking for, no?

      Personally, I had no idea that turning a couple of old heatsinks and a peltier element into a bottle cooler could land me in prison. I hope the Judge and Jury look kindly on me. I was just being curious!

  8. John Smith 19 Gold badge
    Unhappy

    Depressing.

    So the ongoing cavalcade of human stupidity that enables most penetrations to succeed (poor patching, executable content, etc) continues unabated.

    In fact if sysadmins did their job (or perhaps were allowed to do their job) and all staff were even minimally educated I suspect most of these crews would be history because they'd be blown away. These guys may be prolific but SFW? Do they all have mad skills? I doubt it.

    Shock news. Why use a (presumably) undiscovered zero day when Dumbo McStupid will open anything sent to them headed "Dear Colleague?"

    1. ecofeco Silver badge

      Re: Depressing.

      Don't just blame businesses. Home users and small businesses are notoriously ignorant on security.

      1. John Smith 19 Gold badge
        Unhappy

        @ecofeco

        "Don't just blame businesses. Home users and small businesses are notoriously ignorant on security."

        True.

        But I think the term "cyber-espionage" suggests those are not the people being targeted.

        Although better education for them would help as well.

  9. charlie-charlie-tango-alpha

    kaspersky schmersky

    Raiu said "They are opening stolen documents on virtual machines without any internet connection to avoid exposing themselves that way,"

    So how does he know that?

  10. Pascal Monett Silver badge

    "Thacker added that although everyone wanted to know the source of APT attacks assigning attribution was difficult. "Everybody wants information on who’s attacking, but attribution isn’t easy," Thacker said."

    That, my dear Mr. Leyden, is called PADDING. It is crude and obvious. You can do better.
