[Hidden-tech] Maybe some one can help - at least locally
Alan Frank
alan at 8wheels.org
Mon Dec 21 20:07:03 UTC 2020
I was listening to the radio yesterday and some prominent former member
of the DT administration was saying that the affected organizations
"would have to build new networks from the ground up." So it is not
just the engineers who will be pushing for that.
-------- Original Message --------
Subject: Re: [Hidden-tech] Maybe some one can help - at least locally
Date: 20.12.2020 15:39
From: Daniel Nachbar via Hidden-discuss
<hidden-discuss at lists.hidden-tech.net>
To: HT-discuss <hidden-discuss at lists.hidden-tech.net>
I'm not a network security expert but I have discussed this topic with
some.
Their consensus view is that there is essentially no way to
effectively scrub the compromised networks/machines. These are very
sophisticated attackers who had far too much access for far too long.
Rebuilding from scratch is likely the only effective response.
However such drastic remediation is almost impossible to sell to upper
management when there is no immediate evidence of compromise. Worse
yet, making the pitch to rebuild requires one to explain to upper
management how one totally screwed up in the first place.
So most victims will likely instead do some half-measure "security
scans", which will of course find nothing (because these are extremely
sophisticated attackers), and then just move on. Months or years from
now previously unidentified dormant worms will activate and the whole
compromise cycle will begin anew.
There is going to be a very, very long tail on this thing.
On Sun, Dec 20, 2020 at 12:39 PM Rich at tnr via Hidden-discuss
<hidden-discuss at lists.hidden-tech.net> wrote:
> Should like a job for a super-techie -- any takers ??
>
> It’s going to take months to kick elite hackers widely believed to
> be Russian out of the U.S. government networks they have been
> quietly rifling through since as far back as March in Washington’s
> worst cyberespionage failure on record.
>
> ... “We have a serious problem. We don’t know what networks they
> are in, how deep they are, what access they have, what tools they
> left,” said Bruce Schneier, a prominent security expert and
> Harvard fellow. ...
>
>
https://apnews.com/article/hacking-russia-bafff5557a8941aa1a5ef239d36c4e28?fbclid=IwAR1MvOIpHUL8GrS2IE-g_hd6BY336St-00rQ-C4FRsngagVEDg9zmh6trhM
>
> --
> Rich Roth
> CEO TnR Global
>
> Bio and personal blog: http://rizbang.com
> Building the really big sites: http://www.tnrglobal.com
> Small/Soho business in the PV: http://www.hidden-tech.net
> Places to meet for business: http://www.meetmewhere.com
> And for Arts and relaxation:
> http://TarotMuertos.com - Artistic Tarot Deck
> http://www.welovemuseums.com
> http://www.artonmytv.com/
> Helping move the world: http://www.earththrives.com
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion
> list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
_______________________________________________
Hidden-discuss mailing list - home page: http://www.hidden-tech.net
Hidden-discuss at lists.hidden-tech.net
You are receiving this because you are on the Hidden-Tech Discussion
list.
If you would like to change your list preferences, Go to the Members
page on the Hidden Tech Web site.
http://www.hidden-tech.net/members
More information about the Hidden-discuss
mailing list