[email protected] <[email protected]>:
>
> On October 28, 2016 at 22:27 [email protected] (Stephen Satchell) wrote:
> > On 10/28/2016 10:14 PM, [email protected] wrote:
> > > Thus far the goal just seems to be mayhem.
> >
> > Thus far, the goal on the part of the botnet opearators is to make
> > money. The goal of the CUSTOMERS of the botnet operators? Who knows?
>
> You're speaking in general terms, right? We don't know much anything
> about the perpetrators of these recent Krebs and Dyn attacks such as
> whether there was any DDoS for hire involved.
We can deduce a lot from what didn't happen.
You don't build or hire a botnet on Mirai's scale with pocket change.
And the M.O. doesn't fit a criminal organization - no ransom demand,
no attempt to steal data.
That means the motive was prep for terrorism or cyberwar by a
state-level actor. Bruce Schneier is right and is only saying what
everybody else on the InfoSec side I've spoken with is thinking - the
People's Liberation Army is the top suspect, with the Russian FSB
operating through proxies in Bulgaria or Romania as a fairly distant
second.
Me, I think this fits the profile of a PLA probing attack perfectly.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
