I’ve been doing incident response for quite some time now and there’s a lot a things that are not being put out there. So let’s talk about the “missing server” using, I don’t know, how about facts? I’ve never worked an intrusion where we’ve had all the evidence we wanted. There’s always logs missing, aged off, or deleted by the attacker. In every case, we are forced to look at the data we have and then make judgments even with the missing data. We don’t call the missing data a conspiracy, we just call it business as usual. Continue reading “DNC Hack and So Called The Missing Server”
As I scroll through Facebook I began seeing posts about ‘Russia in control of our infrastructure’. People reacting to something that most cybersecurity researchers have known about for quite some time. And guess what, we’re not freaking out just yet.
Yesterday, the Department of Homeland Security and the Federal Bureau of Investigation took the unusual step of issuing an alert fingering the Russian government for targeting U.S. critical infrastructure with cyberattacks. Continue reading “Russia in control of critical infrastructure? Let’s not over react”