Press "Enter" to skip to content

The two timetables of hacking

Remember the teenager who took over Twitter with a bitcoin scam attack last summer?  He pleaded guilty in a court in Florida on Tuesday.      Charged as a “youthful offender”, he’s already been credited with over 200 days of time served.

While we’re hitting security, Check Point Research has new data on the Exchange Server hack.

  • The number of attempted attacks increased tenfold from 700 on March 11 to more than 7,200 on March 15.
  • The attackers have targeted the United States the most (17% of all exploit attempts). They also have targeted Germany (6%), the United Kingdom (5%), the Netherlands (5%) and Russia (4%).
  • The most targeted industry sector has been government/military (23% of all exploit attempts). Then comes manufacturing (15%), banking and financial services (14%), software vendors (7%) and health care (6%).

The White House’s task force on the issue had its first meeting on Monday.

Why do we care?

That Exchange breach is a huge deal, and is at the beginning of the investigation stage.    The Twitter scam, however, is at the tail end.    A year later, there are consequences to his actions.

Today the reason we care is the time discrepancy.   The attacks and initial incident response move VERY quickly.  And the legal cleanup moves much, much slower.  So does the long term technical cleanup.  These incidents have two timescales, and that’s important to internalize.    

In tech we’re often pretty bad at time estimates.  We think change comes a lot faster than it often does.  In the case of enforcement and consequences, our “fast” instincts.. are all wrong.

Source: The Verge

Source: Channel Futures

Source: IT News AU