-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Jan 12, 2010 at 9:09 PM, rick wesson <[email protected]> wrote:
> I'm hearing that its like 30 companies involved. What I'm wondering is > how they attributed it to the Chinese. With so many compromised systems > in china isn't that the perfect joe-job? > > If I was Chinese and working to penetrate a bunch of us companies why > would i do the deed from my own countries network. Rarely does a cyber > criminal use networks within their own country to control asses, why do > the Chinese? > > If I was from another nation I would look at the Chinese systems as a > easy proxy, and throw off my trail by attempted crompromise of "freedom > fighter" accounts. One thing I have learned is that attribution is very > hard to do. > Hi Rick, Those are great points -- but of course there are a lot of details missing right now. Having said that, I know some really bright security folks at Google, so I have to initially believe they have good reason to suspect in-country perpetrators. But then again, we all know that things are not always as they appear. :-) - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLTVaeq1pz9mNUZTMRAlNzAJ9SbYpGTvSPoTZgGDTMzxNoDvYcIwCfaL61 n7yA9r/xyIBMeJrEM/N1Gdo= =mtVY -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
