Watch how real shit gets the next few years (China hacking everyone)


#101

haha beat me to it LZ.

Likelihood that the malware and technology was sophisticated? Low. Likelihood that a phishing message led to malware being installed on a local computer and pivoted from? High.


#102

I’m curious why Mandiant ran out and said China anyways.

All of the other China hacks have been directly related to intellectual property not SSNs. The hospitals owned by CHS are not even high even a lot are in rural areas and have shitty to no security based on my experience working with a company they acquired.


#103

Yeah I’m not sure why China would go after PHI. Certainly doesn’t sound like the PRC gov. Then again, Mandiant likes te politcs of the Chinese hackers, and this could easily have been anyone from anywhere in the world simply pivoting a Chinese host because it’s a great ip space to hide behind.


#104

bump

“Obamacare site hacked but nothing taken, HHS says”


#105

sounds more like someone was surfing the interwebs on a server that shouldn’t have been.


#106

It was a test server that wasn’t supposed to be put online with weak passwords


#107

Yeah but did someone actually “hack” it or was a piece of malware downloaded?

The word “Hack” gets thrown around too liberally. “I left my password taped to my monitor and someone hacked into my computer”…no, there was no effort required, they logged into your computer as you.


#108

While I agree for the most part that Prog, anything that causes a breach is going to be considered a “hack”.

Simply, if weak passwords existed, that means that someone logged into the machine, unauthorized and installed some malware for a reason. They’re downplaying it as run of the mill malware, but what does that really mean? Who was is beaconing back to? APTs are known to get a foothold in an environment and lay dormant for long periods of time (hundreds of days).

When you’re defending a network, you don’t care if it’s a phishing, a stupid admin browsing the web, a persistent person bruteforcing, a sophisticated web app hacker, etc… Anything that compromises a machine is BAD.


#109

The issue here is once you gain access to a Windows server or other server its generally easy to elevate privileges and latterly move around a network.

So while gaining access to a “test” server might not be a big deal often times people reuse DB passwords or other credentials not mention you’re generally inside a DMZ at this point.


#110

If only more people got cryptolocker, their data would be encrypted and totally secure. LOL


#111

^Nope, now there are decrypters that will reverse that process.

My point was it seems strange that some person would hack a server just to install low level botnet malware. Seems more like a malicious website or bad attachment.


#112

Was not srs.


#113

I know just saying.


#114

Bump


#115

Oh and lol Huawei


#116

Right? Thanks @bing for your countries help :canada:


#117

Every US executive stuck in China right now…

Gotta love the irony of the Chinese saying we’ve violated her human rights by arresting her. China, complaining about us violating someone’s human rights. CHINA


#118

Good China / tech read:

https://www.wsj.com/articles/american-entrepreneurs-who-flocked-to-china-are-heading-home-disillusioned-1544197068


#119

Such a different place over there. Definitely an interesting read. Wonder what that means in the years to come.


#120

Yea I have been to China before its an interesting place.

Not really sure what all this means US companies and US government needs to take China hacking and stealing proprietary information.

On the other side China really needs the US for all the crap they steal and sell back so who knows