• Welcome to Religious Forums, a friendly forum to discuss all religions in a friendly surrounding.


Cyber attacks -- a little help, please.

Evangelicalhumanist

"Truth" isn't a thing...
Premium Member
Can someone help me understand just what is going on with the recently uncovered cyber attacks against the US? Trying to sort it out at this point by listening to all the news sources (yes, both liberal and conservative) is just leaving me confused. As with everything American these days, news sources aligned with one side point to everything except what the other side points to.

I am reading this as incredibly serious. I'm also wondering whether re-purposing military money to building a wall has weakened the US security, and I'm wondering whether Trump's obvious tender regard for Putin (I've no doubt it's not sexual, but not so sure it wouldn't be, if Trump were asked), has anything to do with it.

A synopsis by anyone knowledgeable would be very much appreciated.
 

sun rise

The world is on fire
Premium Member
During my work career, I spent several years in a corporate security role working to secure Unix systems (while others dealt with other platforms).

Yes, I take it as very serious. Everyone but Trump admits it is. The Russians are believed by everyone but Trump to be behind it.

These are the only things that I think are clear. I take any other comments to be speculation:
  • The attack apparently originated by compromising a critical software vendor.
  • Major US government agencies, critical businesses and apparently other nations have been compromised.
  • What information was stolen is unclear.
  • What other risks there are besides information theft (such as controlling critical software) is basically unknown to the general public and, it seems, to the government at least in part.
  • The problem is VERY hard to fix.
  • How the US should respond is up in the air.
 

Revoltingest

Pragmatic Libertarian
Premium Member
Can someone help me understand just what is going on with the recently uncovered cyber attacks against the US? Trying to sort it out at this point by listening to all the news sources (yes, both liberal and conservative) is just leaving me confused. As with everything American these days, news sources aligned with one side point to everything except what the other side points to.

I am reading this as incredibly serious. I'm also wondering whether re-purposing military money to building a wall has weakened the US security, and I'm wondering whether Trump's obvious tender regard for Putin (I've no doubt it's not sexual, but not so sure it wouldn't be, if Trump were asked), has anything to do with it.

A synopsis by anyone knowledgeable would be very much appreciated.
I offer a money back guarantee that cyber-warfare goes
in both directions. The wall money doesn't affect this.
How do I know this?
If I told you, I'd have to erase your memory.
 

Revoltingest

Pragmatic Libertarian
Premium Member
Sorry, what?
 

Tumah

Veteran Member
Here is a link to a wiki article about it. 2020 United States federal government data breach - Wikipedia

There are hacking groups that are called APTs. These are often state-sponsored malicious actors who work on an international level to advance their (or more often, their government's) cause. So for instance, a North Korean APT is probably hacking banks around the world to funnel money into North Korean accounts because North Korea has no money. I think the most famous Russian APT, APT28, is called Fancy Bear. Their brothers APT29 or Cozy Bear are believed to be the perpetrators behind this attack. We can usually link attacks to specific APTs based on the tools and software that are used to carry out the attack.

In the attack, hackers got into SolarWinds' system and made small changes to the software updates that SolarWinds would push out to their clients, effectively turning these updates into trojan viruses. Imagine downloading a Windows update to your computer and it came packaged with a back door that allows an attacker access to your computer. The US government uses SolarWinds products, so attackers were then able to gain entry to those departments. They also made use of vulnerabilities in VMware and Microsoft to help them move laterally and gain persistence (they were there for many months). That's basically what happened.

The government has to take some of the blame for this incident, because for the duration of the attack, the government was missing some top level cybersecurity personnel (either because they had been fired, the position had been eliminated, or the personnel had yet to be confirmed).

Hopefully, this incident will underscore the importance of these positions and move the US towards a firmer cybersecurity posture.
 

bobhikes

Nondetermined
Premium Member
Can someone help me understand just what is going on with the recently uncovered cyber attacks against the US? Trying to sort it out at this point by listening to all the news sources (yes, both liberal and conservative) is just leaving me confused. As with everything American these days, news sources aligned with one side point to everything except what the other side points to.

I am reading this as incredibly serious. I'm also wondering whether re-purposing military money to building a wall has weakened the US security, and I'm wondering whether Trump's obvious tender regard for Putin (I've no doubt it's not sexual, but not so sure it wouldn't be, if Trump were asked), has anything to do with it.

A synopsis by anyone knowledgeable would be very much appreciated.

The problem with the hack is that it was so big and ran for an extended period, so they don't know what was done. Like with spies, there are sleeper programs that are very hard to detect and will only activate under certain circumstances. For example, say Russia started a nuclear attack: once we activate our response program, a sleeper program could activate and hamper our response. The Russian ability to hamper depends on how many agents they have in critical areas. Trump's contribution could be in installing Russian sleeper agents into critical areas of the government. This depends on the relationship between Trump and Putin.
 

ChristineM

"Be strong", I whispered to my coffee.
Premium Member
My two penn'orth, not as an American but as someone whose company has been subject to 2 cyber attacks.

First was a denial of service attack (DoS), which was easy to circumvent. Move one: the attack came from China, so block all Chinese IP addresses' access to the server. Easier than it sounds: we blocked the first octet of Chinese IP addresses; I think it amounted to about 30 block commands in the htaccess file rather than hundreds of complete IP addresses.
Then inform the internet provider. They may (or may not) block individual IP addresses.

Second was an intruder, no doubt looking for personal info. Would have been serious if that's what we used the server for. We didn't, so no harm done. Luckily they didn't even do any damage to the files; the ballache of restoring them would take time. We blocked the IP address anyway.
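
An added example, not part of the post above: a sketch of the first-octet blocking it describes, showing how a list of ranges collapses into a few htaccess rules and how much extra address space those rules deny. The ranges are constructed documentation addresses (RFC 5737), not real country allocations, and the Apache 2.4 `Require not ip` syntax and all function names are assumptions about the setup.

```python
import ipaddress

# Constructed sample input: RFC 5737 documentation ranges standing in for the
# ranges an operator wants to block. They are not real country allocations.
SAMPLE_RANGES = ["192.0.2.0/24", "198.51.100.0/24",
                 "198.51.100.128/25", "203.0.113.0/24"]


def first_octets(ranges):
    """Return the sorted first octets needed to cover every IPv4 range."""
    octets = set()
    for r in ranges:
        net = ipaddress.ip_network(r)
        if net.version != 4:
            raise ValueError(f"IPv4 only: {r}")
        lo = int(net.network_address) >> 24
        hi = int(net.broadcast_address) >> 24
        octets.update(range(lo, hi + 1))  # a prefix shorter than /8 spans several
    return sorted(octets)


def htaccess_rules(octets):
    """Render Apache 2.4 (mod_authz_host) rules using partial-IP matching."""
    lines = ["<RequireAll>", "    Require all granted"]
    lines += [f"    Require not ip {o}" for o in octets]
    lines.append("</RequireAll>")
    return "\n".join(lines)


def overblock_factor(ranges, octets):
    """How many times more addresses the /8 rules deny than the ranges hold."""
    wanted = ipaddress.collapse_addresses(ipaddress.ip_network(r) for r in ranges)
    wanted_count = sum(n.num_addresses for n in wanted)
    return len(octets) * 2**24 / wanted_count


def is_blocked(client_ip, octets):
    """True if the client's first octet matches one of the deny rules."""
    return ipaddress.ip_address(client_ip).packed[0] in octets


if __name__ == "__main__":
    octs = first_octets(SAMPLE_RANGES)
    print(htaccess_rules(octs))
    print("over-block factor:", overblock_factor(SAMPLE_RANGES, octs))
    # 198.18.0.1 is outside every sample range but shares a first octet.
    print("collateral block:", is_blocked("198.18.0.1", octs))
```

The over-block factor is the cost of the shorter rule list: every unrelated client that shares a first octet with a blocked range is denied as well.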
 