Welcome to the Hardcore Husky Forums. Folks who are well-known in Cyberland and not that dumb.
Russia strikes again
Comments
-
Actually when things get hacked it's statistically likely that it's the Russian mob or some punk 15 year old nerd
Btp is too dumb so he's safe -
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
Oh I’m speculating about it, no denying that. How they did it is not that big of a deal. What we? are gonna do about it is.GrundleStiltzkin said:
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
ThomasFremont said:
Oh I’m speculating about it, no denying that. How they did it is not that big of a deal. What we? are gonna do about it is.GrundleStiltzkin said:
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
That.ThomasFremont said:
Oh I’m speculating about it, no denying that. How they did it is not that big of a deal. What we? are gonna do about it is.GrundleStiltzkin said:
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
I was cheering like every other GOOD American when we! took out the centrifuges with Stuxnet. But even then I was worrying what might be coming back at us. -
Bidness as usualdnc said:ThomasFremont said:
Oh I’m speculating about it, no denying that. How they did it is not that big of a deal. What we? are gonna do about it is.GrundleStiltzkin said:
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
-
Turn off the lights in America for 1 week and the shit will get real. Do lasting damage to a few critical systems and it could spiral into chaos. Infrastructure was the one thing Trump was selling that I was buying, and it ain’t happening any time soon (or ever).GrundleStiltzkin said:
That.ThomasFremont said:
Oh I’m speculating about it, no denying that. How they did it is not that big of a deal. What we? are gonna do about it is.GrundleStiltzkin said:
You're throwing some conjecture over top of what was reported.ThomasFremont said:
Possibly. But any system worth a shit has more than an email/password credential. Basic 2-factor means they phished credentials and THEN got to the phone where the verification code generates in order to get in. This means personal contact.Swaye said:
It's standard phishing to credential theft I'd bet.ThomasFremont said:
Correct. But the usage of legit credentials to avoid detection implies that the leak is at the personal level. They’re targeting individual employees. Whether they are cooperating/collaborating or just left their laptop open is anyone’s guess. But the idea of a GRU spy trying to get the lower wage employees to cooperate is scarier than the notion that they can hack an air-gapped system.GrundleStiltzkin said:
Poont of clarification, the article does not say the Russians have American moles or double-agents or whatever.ThomasFremont said:If you read the article you’d see they’re using legit credentials to get by security. This isn’t a brute force hack, but rather a social engineering operation. They’re working American citizen assets.
I was cheering like every other GOOD American when we! took out the centrifuges with Stuxnet. But even then I was worrying what might be coming back at us.
