:: This all seems to be noobie stuff. There's nothing technically cool
:: to see here
You mean the report or the activity?
The activity.
You seem "upset" that they are using M$ only (target and
source).
I'm not upset. I'm pointing out what Steven Bellovin said
in just a few words: "This strongly suggests that it's not
their A-team..."
This is a technical mailing list where cutting edge stuff
is discussed. The compromise was not using cutting edge
stuff and, so, is a big <yawn> for this list.
The report was mainly for reporters. That's why they had
the omg sound bite bullet points at the top. It's also
why they had to explain several low level things in detail.
You seem "upset" that they are using M$ only (target and
source).
I'm not upset. I'm pointing out what Steven Bellovin said
in just a few words: "This strongly suggests that it's not
their A-team..."
This is a technical mailing list where cutting edge stuff
is discussed. The compromise was not using cutting edge
stuff and, so, is a big <yawn> for this list.
Not to be pedantic, but I thought the list was about network operations - and
as much (or more) about practice, than about "cutting edge stuff." (Well
maybe a little pedantic.)
From an operational point of view, unless I'm an exceptionally high-value
target, I'm more likely to be threatened by the B-team (or C-team), than the
A-team (recognizing, of course, that what the A-team is doing today, is what the
script kiddies will be doing tomorrow).
The A-team doesn't get caught and detailed. The purpose of the other teams is to detect easy targets, handle easy jobs, and create lots of noise for the A-team to hide in. Hacking has always had a lot in common with magic. Misdirection is a useful tool.
And so their bush league by itself was responsible for all the penetrations
that Mandiant says they did? Which shows that they don't have to be
particularly smart, just a bit smarter than their average spear phish or
other attack's victim.
The A-team doesn't get caught and detailed. The purpose of the other teams
is to detect easy targets, handle easy jobs, and create lots of noise for
the A-team to hide in. Hacking has always had a lot in common with magic.
Misdirection is a useful tool.
Jack
Or there's only a B-team, and the China government is as corrupted and
infective as the USA one.