[Hidden-tech] Maybe some one can help - at least locally
Daniel Nachbar
daniel.nachbar at gmail.com
Sun Dec 20 20:39:57 UTC 2020
I'm not a network security expert but I have discussed this topic with some.
Their consensus view is that there is essentially no way to effectively
scrub the compromised networks/machines. These are very sophisticated
attackers who had far too much access for far too long. Rebuilding from
scratch is likely the only effective response.
However such drastic remediation is almost impossible to sell to upper
management when there is no immediate evidence of compromise. Worse yet,
making the pitch to rebuild requires one to explain to upper management how
one totally screwed up in the first place.
So most victims will likely instead do some half-measure "security scans",
which will of course find nothing (because these are extremely
sophisticated attackers), and then just move on. Months or years from now
previously unidentified dormant worms will activate and the whole
compromise cycle will begin anew.
There is going to be a very, very long tail on this thing.
On Sun, Dec 20, 2020 at 12:39 PM Rich at tnr via Hidden-discuss <
hidden-discuss at lists.hidden-tech.net> wrote:
> Should like a job for a super-techie -- any takers ??
>
> It’s going to take months to kick elite hackers widely believed to be
> Russian out of the U.S. government networks they have been quietly rifling
> through since as far back as March in Washington’s worst cyberespionage
> failure on record.
>
> ... “We have a serious problem. We don’t know what networks they are in,
> how deep they are, what access they have, what tools they left,” said Bruce
> Schneier, a prominent security expert and Harvard fellow. ...
>
>
>
> https://apnews.com/article/hacking-russia-bafff5557a8941aa1a5ef239d36c4e28?fbclid=IwAR1MvOIpHUL8GrS2IE-g_hd6BY336St-00rQ-C4FRsngagVEDg9zmh6trhM
>
> --
> Rich Roth
> CEO TnR Global
>
> Bio and personal blog: http://rizbang.com
> Building the really big sites: http://www.tnrglobal.com
> Small/Soho business in the PV: http://www.hidden-tech.net
> Places to meet for business: http://www.meetmewhere.com
> And for Arts and relaxation:http://TarotMuertos.com - Artistic Tarot Deck
> http://www.welovemuseums.com
> http://www.artonmytv.com/
> Helping move the world: http://www.earththrives.com
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20201220/9fe27a50/attachment.html>
More information about the Hidden-discuss
mailing list