I'm not going to bother linking to an article about the CEO "retiring" with a $90,000,000 plan; it's just not worth it.
Bloomberg has a good breakdown of the structure of the hack. Basically, after the Struts exploit became known and some (essentially) script kiddies gained a toehold in Equifax's network, they handed their penetration off to a skilled team of pros. The pros then did quite a serious number, including installing custom backdoors that ignored the Struts problem and bypassed the firewalls; they then started breaking apart databases. They had so much information that they had to prioritize which databases were more valuable, then they had to break them down into smaller chunks for exfiltration to avoid tripping monitoring software that watches for just this sort of thing.
Definite experts.
Which points to possibly nation-state actors. A lot of people want to point to the Chinese because one of the tools is called China Chopper because it has a Chinese-language interface, but it's used by hackers around the world, so that's hardly conclusive. But the thing that really points to nation actors: none of the information on the 143 million people that was stolen, including credit cards, has surfaced on any underground forums that sell stolen information.
Personally, my money for the country most likely to be responsible is Russia or North Korea. We know that Russia has the talent for something like this, and after the DPRK tore apart Sony for The Interview, and the fact that their cyber people were trained by the Chinese, they also have the skill.
Equifax suspected someone was in their system. Their contractor, Mandiant, sent a team over. For whatever reason, Equifax thinks that Mandiant didn't send over their best people. Squabbling ensued for an extended period of time, during which apparently nothing was done to stop the hackers or their theft. This amounts to criminal stupidity as far as I'm concerned. Disagree all you want, but GET THE EFFING JOB DONE and resolve the fight later! JOB ONE IS TO STOP THE BAD GUYS!
The original Bloomberg article:
https://www.bloomberg.com/news/features/2017-09-29/the-equifax-hack-has-all-the-hallmarks-of-state-sponsored-pros
The Slashdot article that led me to the Bloomberg article, complete with some interesting comments:
https://news.slashdot.org/story/17/09/30/207200/squabble-with-contractor-delayed-equifaxs-response-to-data-breach
Date: 2017-10-02 03:53 pm (UTC)
The higher up the ladder, the less likely you are to be fired for gross incompetence or other corporate sins or embarrassments. My first real job while in high school, I used to work retail, selling camera/audio equipment at a place called La Belle's, long before the World Wide Web came along. A friend of mine continued working one Christmas season after I left. They always hired lots of cashiers for the Xmas season for obvious reasons. For equally obvious reasons, there was a mirrored pane in the ceiling above every cash register which obviously had a camera behind it. This particular Xmas, a spectacularly daft temporary hire was led away in handcuffs for taking an occasional twenty from her cash drawer. Shortly after the season was over, the warehouse manager was allowed to retire after it was discovered that he would back his pickup to the loading bay and load an occasional swing set or whatever into his truck and drive away. There's no standard like a double standard.