September 27, 2017
Politico and others report that the Department of Justice has indicted a Chinese national accused of selling malware to hack a number of American and European companies. The general sense is that Yu Pingan and friends conspired to create the Sakula malware used effectively in the OPM breach and others.
This is big news for a couple of reasons. First there is a lot of media attention when companies are breached, but it doesn’t seem as glamorous or newsworthy when the perps are caught and cuffed. Maybe that’s because of reason number two: the perps seem to be rarely caught and cuffed. Not blaming the DOJ, FBI, CIA, DoD, YMCA or any other acronym. It just doesn’t seem to happen as often. When it does, though, it sure is great to see.
Plausible deniability is always a part of cyber crime. Exploits are deployed with as few fingerprints as possible, and the chase for principals can often lead more readily to geese. Wild geese. So catching the bad guys is often a low probability endeavor.
On the flip side of that coin, vigilance is your best hope. A catchy tagline might be: Prepare, Prevent, Prevail, and ICS can help you do all of those things. We can assess vulnerabilities, use penetration testing to gauge the impact a breach might have, and even design preparedness strategies and incident responses to make sure you prevail in the face of natural or digital catastrophes.
Call ICS today and let’s post a guard together.