0wned .gov machines (was Re: Russian cyberwar against Estonia?)

John Levine johnl at iecc.com
Sun May 20 14:34:53 EDT 2007


>I've heard nothing formal, but my strong understanding is a lot of US
>government machines, at least if we're talking workstations on
>non-classified nets, are in fact "0wn3d" at this point.

Well, here's an anecdote: at last year's CEAS conference, Rob Thomas
of Team Cymru gave the keynote on the underground economy, with a most
horrifying set of both live demos and selected snapshots of the online
bazaars where online warez are traded, everything from zombie farms to
spamware to stolen credit cards.  One of the more amusing was a guy
who offered a zombie in some part of the government that you'd hope
would be moderately secure, NASA or someplace like that, at a higher
than normal price.  The immediate response was ridicule, bots on
government nets are a dime a dozen, and aren't worth any more than any
other bot.

R's,
John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list