cross-posted from: https://discuss.online/post/31211123
I honest to fucking God don’t understand how cybersec is so fucking bad that there are so many damn data breaches that I lost count. I had a few accounts on chatgpt (that I dont use anymore) but they are all compromised now…
Just what the fuck is this shit? Are they done by lone actors or cybercrime gang? Or are they state actors or state-backed actors? Or are they inside jobs to allow the company to sell data illegally to make more money? Flock has admitted to using data from data breaches to their system.
You also notice how rarely you hear about cybercriminals getting caught? It’s almost like if you take even a minor bit of opsec you can get away with anything.
Really? It’s hard to understand?
Dude it’s a fucking arms race between cyber security teams and attackers.
And there’s more money in attacking than there is in defending. Defending is an expense. Attacking is almost entirely profit
And some attackers are backed by nation-states.
Attackers only have to get through once. Defense has to work 100% of the time.
Don’t they discover them and track down who they are? If a group of jackass hackers (self taught or otherwise) are always trying to break into a system and failing a few times before getting in, wouldn’t the defenders be able to trace something about where those people are? Like is it really that dumb? Are defenders really a bunch of keystone kops driving around in circles and bumping into walls?
Are you like 12…?
Username checks out
Not necessarily or trivially.
Even if they did track them down, then what?
The world is huge, it’s unlikely that a particular attacker is going to be from the same country, so how are they going to do anything about it, really?
The victim can report to the government local to the hackers, but that local government is under no real obligation to do anything about it.
And given this, why would most companies keep paying their defenders to hunt them down once the trail seems to end in a foreign country?
Defence is seen as a cost that reduces other costs, rather than something which will pay back, so I suspect it only happens if the company doesn’t have other work for the defenders to do (rare) so they might as well work on this as be paid to do nothing, if they think the attackers may return so they want to learn as much as possible about them for future defence (depends on what they did and who they it seems they may be), or if the government where the company is based steps in to fund the hunt for some reason (maybe political).
I find it difficult to believe that all attackers are necessarily from different countries. There was a breach in Canada some years ago when a bank lost tons of information and was hated for it. The hackers were in canada and it was on the news when they were finally caught. But that was an exception and not the rule.
It was a credit union, and it was an insider leak.
Or you’re thinking of another financial institution in Canada that lost a lot of information and whose reputation suffered as a result.
I don’t recall saying all attackers were necessarily from different countries, because that’s not true at all. I said it’s unlikely they are from the same one, because statistically that is true.
It’s not like the movies
Its actually even stupider and more destructive than the movies.
What are you talking about?
Username checks out, I guess