Biden is 'considering cyber attacks' on Russian infrastructure in retaliation for 'Pearl Harbor of hacks' that breached 200 US federal agencies and firms - as fired DHS Cybersecurity chief Chris Krebs admits his 'failure' to stop it

Daily Mail ^ | 21 December 2020 | By Reuters and Lauren Fruen For Dailymail.com

[McGruff]

Joe Biden is said to be considering cyber attacks on Russian infrastructure in retaliation for the hacks that breached 200 US federal agencies and firms.

The president-elect's team will consider several options over the country's suspected role in the unprecedented hacking of US government agencies and companies, sources have told Reuters.

The massive data breach enabled hackers believed to be from Russia's SVR foreign intelligence service to explore the networks of government agencies, private companies and think-tanks for months. Moscow has denied involvement.

[srmanuel]

True, but suppose it’s a hit and run strategy...

Take down a single company that processes credit card transactions for a short period of time, disrupt a few million transactions create angst in the consumer world...

It would probably slide under the radar because it was just a single company that was hit....and they weren’t very up on cyber security anyway....

I can think of a couple of examples that I have been suspicious of.....

Delta had their entire network go offline a couple of years ago, they blamed it on a ops center going offline in Atlanta...

United’s entire network went offline and it was blamed on a router change in Chicago....

the NYSE halted trading during the day and could not close the day out a few years back, they blamed it on a software upgrade....

And most recently Google, YouTube, and all their other companies went down worldwide last week.....they to my knowledge haven’t released any official excuse....

I don’t believe any of the official excuses..

I think they were hacked by someone, IMO many of the cyber attacks are done by an insider within a company...

[Zhang Fei]

[I don’t believe any of the official excuses..
I think they were hacked by someone, IMO many of the cyber attacks are done by an insider within a company...]

---

Screw-ups unrelated to security problems happen more than you’d think. We had an entire new system they had spent tens of millions on get scrapped because they couldn’t get it to work right. The exec in charge was, predictably, fired. This was a Fortune 50 company, so money and development resources weren’t at issue.

All of these offensive capabilities take a while to put together. Private hackers use them to make money, so they do things related to monetization that inevitably lead to discovery. State actors save them for a rainy day.

[babble-on]

Yep. And even today Trump is insisting that this hack was not his Russian paymasters. It’s sheer insanity.

[Roman_War_Criminal]

Liberals love blood and war.

You get what you vote for.

[glorgau]

> Not even sworn in yet and trying to start a war.

Exactly. That’s the go to move in their playbook.

[Engedi]

Oh I suspect Krebs and others did this/allowed it to happen on President’s watch. I find the timing of it all suspect with Krebs firing.

[Lod881019]

He’s telegraphing to his opponent what he’s doing he’s either incompetent or a moron..then again this was China so I doubt Joe will do anything but give a strongly worded letter

[zeestephen]

Eight days since the breach was detected.

Has anyone seen a report that verifies sabotage or data extraction?

I have not.

[SgtHooper]

BINGO!

[Democrats hate too much]

probably CIA or China making it look Russian.

[srmanuel]

I spent the majority of my IT career working on Cisco Routers and Switches, plus Cisco Voice..

During that time I was contracted to some really large companies, two had worldwide computer networks, where the group I worked on rolled out literally thousands of Routers/switches and IP phones.....

I’m quite familiar with the change control process having written many of them myself.....

Part of my team rolled out Cisco IP Phones for a couple of the major trading companies on the NYSE and on the floor of the exchange, based on all that I’m highly, highly suspicious of a worldwide network going down.....

I’ve seen individual buildings with hundreds of employees go offline, I’ve seen parts of a entire country go offline, but I never saw an entire distributed network with worldwide reach go offline....

[mac_truck]

The Russians did it....again!

[dfwgator]

I don’t think there are any Russians
And there ain’t no Yanks

Just Corporate Criminals
Playing with Tanks

(Funny how those lyrics make much more sense now!)

[curious7]

Same here. The attack routes trace back to China.

[DoughtyOne]

Funny how they can verify that sort of thing, but can’t spend
any time looking at our election.

What a disaster lies ahead...

[clearcarbon]

"Biden is 'considering cyber attacks' on Russian infrastructure in retaliation for 'Pearl Harbor of hacks' that breached 200 US federal agencies and firms"

[Sacajaweau]

There's a brainless idea. Start a cyberwar...

Increase your cyber defense dumb a**.

[Zhang Fei]

[I spent the majority of my IT career working on Cisco Routers and Switches, plus Cisco Voice..]

---

Good to be discussing this with someone who actually had to deal with this up close and personal. What are your thoughts on how much of this was SolarWinds’s fault and how much was pretty much bad luck to be targeted by a major state actor* - Russia or otherwise?

* There’s a possibly false dichotomy that some have posited between state and non-state actors. It would not be surprising if some non-state actors (i.e. hackers who steal money) were drafted to carry out the work of state actors, especially if they had been found ripping people off outside the country. Extradition to the US is probably a pretty effective threat to coerce compliance.