Unsophisticated China Hacking

[imoldernu]

As industry spends hundreds of millions on cyber security, and Homeland Security is staffed by thousands of experts who are charged with protecting our most valued secrets... and

As we spend untold time and money on our own personal security...

The the truth comes out. The sabotage that China is charged with perpetrating, looks to be nothing more than a simple email, opened by employees.. and which contained a backdoor entry into the computer. The same kind of trick that put "conduit A" on my computer.

US Hacking Victims Fell Prey to Mundane Ruses - ABC News

The hackers are said to have created a fake email account under the misspelled name of a then-Alcoa director and fooled an employee into opening an email attachment called "agenda.zip," billed as the agenda to a 2008 shareholders' meeting. It exposed the company's network. At another time, a hacker allegedly emailed company employees with a link to what appeared to be a report about industry observations, but the link instead installed malicious software that created a back door into the company's network.

... so much for 'security'.

 

[ERhoosier]

IT equivalent of leaving your keys with a kid claiming to be a valet at Denny's parking lot.

(BTW- Denny's is a chain of (not upscale) family restaurants with NO valet service).

 

[HFWR]

I forget the exact number, but north of 80% of ALL email traffic coming in to the servers at w*rk gets sent to the spam bucket. And lots of stuff still gets through their filters...

 

[sengsational]

The sophistication of a spear phishing attack is on the "to" line...find the weakest link (the component between the keyboard and the chair)!