Thursday, April 14, 2011

On the sophistication of attacks

If they appear unsophisticated, you will believe that they are not capable of more.

If you believe that is all they are capable of, you will assume they are not dangerous.

If you don't see them as dangerous, Your arrogance will cause you to look down on them.

In your arrogance, You will underestimate them.

If you underestimate them, then you have already lost.

You have been losing for 20 years, and you didn't even know it.




4 comments:

Keydet89 said...

Attacks don't have to be sophisticated, they just have to work.

The attacks are labelled as "sophisticated" because no one wants to admit how easily someone gained access to their systems, and how easily they remained persistent in the environment for so long.

hogfly said...

My point here is not that attacks are labeled sophisticated, it's that they are often labeled "un" sophisticated, and how that negatively affects our views.

Example:

"Night Dragon Report" P.7

"The methods and tools used in these attacks are relatively unsophisticated, as they simply appear to be standard host administration techniques, using standard administrative credentials"

Anonymous said...

Yes but Harlan has to comment because to him everything is unsophisticated.

Anonymous said...

Why would you use a knife, a screw driver, a plasma cutter when a brick works just as well... if i show you my plasma cutter, you'll pay attention... might even wake up.

Why not keep your ace in the holes for a bigger target... like say, oh I don't know, RSA?