Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec identified an attacker’s software as malicious and quarantined it, according to Mandiant.
A Symantec spokesman said that, as a matter of policy, the company does not comment on its customers.
But months later, the chamber discovered that Internet-connected devices — a thermostat in one of its corporate apartments and a printer in its offices — were still communicating with computers in China
..how much information can be gleaned from this? Or, is it just the fact that the connection was established? I'm imagining the ubiquitous hacking scene in the movie, with the guy saying "We're in to the ...thermostat...!"
Yeah, but there's a balance between security and usability/living a normal life. There are always extra security measures I could take to prepare for eventualities, but at some point securing everything for every conceivable attack makes life unbearable.
Apparently there are no rules for Internet espionage. Seriously, this is the part of this story that worries me the most. Folks associated with the Chinese military and universities have been hacking pretty much every kind of American enterprise for 3+ years now. They're regularly caught, and exposed, and everyone sort of shrugs and says "oh well! use better passwords next time!". At what point does this escalate to becoming a diplomatic problem.
I am questioning your familiarity with the business decisions of a large enterprise and their ability to co-locate servers in a datacenter that passes a routine SAS70 audit. If you're trying to emphasize the need for physical security, make the point but your janitor illustration is pretty out there in relationship to a modern enterprise. I'm sorry if you don't recognize this. You can go back to your paper backs spy novels now.
Can't catch a break. One of these days I'm going to join a startup, do everything in rails, set up continuous deployment and never worry about QC, engineering and management reviews or ISO anything ever again.
« Older Researchers at Japan's National Institute of Genet... | Michael Jones McKean has figur... Newer »
This thread has been archived and is closed to new comments
Buy a Shirt