Rattle wrote: The pedigree of the malware used doesn't rule out a skilled/experienced actor either. If you are going to launch an offensive information operation, you wouldn't use your newest, most rad tool first. Going straight for your best tools devalues the asset by exposing it to analysis and detection. You'd use the oldest, most exposed tool that can still be effective in achieving your goal.
I agree with most of what you are saying, with the exception of this. Basically, if you were competent you'd use something that isn't detected by every A/V on the planet, because it's easy to do that (there are off-the-shelf tools that do it) and it would increase the effectiveness of your attack by infecting a larger number of hosts. That means this attacker either wasn't interested in being as effective as they could be, or they weren't very experienced/capable. Most experts are assuming the latter (see what Wired is reporting). A point for teenagers.

It's notable that the worm destroys the computers it infects and includes a message about Independence Day. It's rare that worms destroy the computers they infect, because the attacker wishes to continue to use the botnet to launch future attacks - infected controlled hosts are a valuable thing to have if you like to launch DDoS attacks. This whole thing was orchestrated for this particular attack, and the attacker had no interest in launching future attacks of this sort. A point against teenagers.

There are lots of people who have a political or economic interest in influencing US policy who aren't intelligence agencies and may not necessarily have access to the most sophisticated technical capabilities. I don't think the North Korea angle adds up because I think North Korea wouldn't bother launching DDoS attacks, and if they did, they'd want to demonstrate technical proficiency. Conficker, for example, is the sort of thing that looks like a professional operation that genuinely disturbs security experts. This only disturbs non-experts - it's the kind of thing that would scare politicians but not professionals. Perhaps it was intended that way.

RE: Lawmaker Wants ‘Show of Force’ Against North Korea for Website Attacks | Threat Level | Wired.com