As you can probably guess, I get a lot of emails related to whatever’s going on in the security world. There was a very short buzz around the “Russia Hacking” thing but very few security practitioners care about it at all. Except one, who sent me this:
That pretty much summarizes how I feel about the whole thing. Now that the US Government has officially blamed Russia for its rulers being so stupid as to fall for basic phishing attacks, they’ve piled on and also blamed a couple Russian cybercriminals and security researcher Alisa Shevchenko.*
So, the unknown artist on the internet who created the dog poop meme pretty much got it right: those extra pounds that recently materialized around my waist – probably put there by the Russians. That fart in the elevator? Probably Russian. My washing machine has been acting up lately, it’s probably “Operation Whirling Bear” and APT Gruppe Panzerfaust 2.0 behind it.
All of this fuss and drama, when the obvious and straightforward solution is: don’t have your security completely suck.
Here is my own contribution:
FNORD FNORD FNORD FNORD
“Security researchers” like Alisa, Equation Group, Cult of the Dead Cow, and Hacking Team have had free rein to act and sell exploits on the edges of the security scene for decades or more.
(* The Daily Beast article asks rhetorically whether Shevchenko may have had a hand in the DNC hack. Considering that the DNC hack was something that anyone with basic tools could accomplish, I’d say “who cares?”)
The Daily Beast: Did This Mysterious Female Hacker Help Crack the DNC?
Foreign Policy: Fear This Man (Dave Vincenzetti and Hacking Team)
Marcus Ranum at Fabius Maximus site: In Cyberspace the Best Defense is a Strong Defense