- May 22, 2016
- 349
A Cyberattack ‘the World Isn’t Ready For’
This one is a little bit different .... a departure from the norm .
The ransomware in this case was used to distract attention from a far more damaging attack .
From that NYT article :-
"the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand,
hackers could have run free through the company’s computer network, taking confidential information or destroying machines."
I'm concerned that we are still not seeing the bigger picture .
And by "we" , I mean researchers , AV vendors and other security professionals ( with myself included , but I can't speak for other MT members )
There is an alarming tendency to stick to an adopted point-of-view and then assume that it covers all current threats , dangers and eventualities .
Or to put it another way , having identified the latest " very bad thing " all further attention becomes focused on that one thing .
For me , the attack reported here clearly shows how those responsible had taken that fixed mindset on-board ,
and exploited it to it's full potential .
I don't have any conclusions to draw ( and maybe not even a point
) , but I thought I'd toss it out for debate here .
Just my 2 qintars worth
This one is a little bit different .... a departure from the norm .
The ransomware in this case was used to distract attention from a far more damaging attack .
From that NYT article :-
"the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand,
hackers could have run free through the company’s computer network, taking confidential information or destroying machines."
I'm concerned that we are still not seeing the bigger picture .
And by "we" , I mean researchers , AV vendors and other security professionals ( with myself included , but I can't speak for other MT members )
There is an alarming tendency to stick to an adopted point-of-view and then assume that it covers all current threats , dangers and eventualities .
Or to put it another way , having identified the latest " very bad thing " all further attention becomes focused on that one thing .
For me , the attack reported here clearly shows how those responsible had taken that fixed mindset on-board ,
and exploited it to it's full potential .
I don't have any conclusions to draw ( and maybe not even a point
) , but I thought I'd toss it out for debate here .Just my 2 qintars worth
Last edited:
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}