A 800 words New York times story on some alleged computer hacking of some energy companies mentions "Russian hackers" ten times.
From Hackers in Russia ... Russian hackers have ... Russian hackers are targeting ... The Russian attacks ... an unusually sophisticated and aggressive Russian group targeting ... believed the hackers were backed by the Russian government ... The Russian hackers ... the Russian hacking group ... The Russian hackers have ... the Russian group intended ...
The story includes zero (as in nil, none) evidence and no reasoning at all why the hackers involved are supposed to be "Russian".
It is the nature of the internet that geo-localizing the original source of an attack is nearly impossible. There are myriad ways hackers from anywhere could frame one country or group as an attacker. It is therefore highly irresponsible and nothing but pure hostile propaganda to attribute any such attack to a certain source, group or country without any further evidence and very sound and detailed technological reasoning.
The NYT story links to a Symantec report about the hacks. Symantec's sole reasoning on the source location, unmentioned in the NYT story, is this:
Analysis of the compilation timestamps on the malware used by the attackers indicate that the group mostly worked between Monday and Friday, with activity mainly concentrated in a nine-hour period that corresponded to a 9am to 6pm working day in the UTC +4 time zone. Based on this information, it is likely the attackers are based in Eastern Europe.
Such reasoning is much too basic to be of any evidence. The UTC +4 timezone includes not only west Russia but also other countries like Iran. It is also just as possible that the computers used for the compilation of the malware were sitting in Ohio, Tel Aviv or Nanking but had their clock settings changed to make it appear that they were in an UTC +4 working environment. Notice that Symantec named the source in question "Dragonfly" probably hinting that the attacks were originally though of as having an Asian origin.
It is highly irresponsible to publicly accuse a certain country as the source of this attack without having any further evidence to support such a claim. Doing so exposes the NYT as a vile propaganda paper again doing the U.S. war-hawk's bidding.
Complete story at - M of A - NYT Claims "Russian Hacker" Attack Without Any Supporting Evidence
From Hackers in Russia ... Russian hackers have ... Russian hackers are targeting ... The Russian attacks ... an unusually sophisticated and aggressive Russian group targeting ... believed the hackers were backed by the Russian government ... The Russian hackers ... the Russian hacking group ... The Russian hackers have ... the Russian group intended ...
The story includes zero (as in nil, none) evidence and no reasoning at all why the hackers involved are supposed to be "Russian".
It is the nature of the internet that geo-localizing the original source of an attack is nearly impossible. There are myriad ways hackers from anywhere could frame one country or group as an attacker. It is therefore highly irresponsible and nothing but pure hostile propaganda to attribute any such attack to a certain source, group or country without any further evidence and very sound and detailed technological reasoning.
The NYT story links to a Symantec report about the hacks. Symantec's sole reasoning on the source location, unmentioned in the NYT story, is this:
Analysis of the compilation timestamps on the malware used by the attackers indicate that the group mostly worked between Monday and Friday, with activity mainly concentrated in a nine-hour period that corresponded to a 9am to 6pm working day in the UTC +4 time zone. Based on this information, it is likely the attackers are based in Eastern Europe.
Such reasoning is much too basic to be of any evidence. The UTC +4 timezone includes not only west Russia but also other countries like Iran. It is also just as possible that the computers used for the compilation of the malware were sitting in Ohio, Tel Aviv or Nanking but had their clock settings changed to make it appear that they were in an UTC +4 working environment. Notice that Symantec named the source in question "Dragonfly" probably hinting that the attacks were originally though of as having an Asian origin.
It is highly irresponsible to publicly accuse a certain country as the source of this attack without having any further evidence to support such a claim. Doing so exposes the NYT as a vile propaganda paper again doing the U.S. war-hawk's bidding.
Complete story at - M of A - NYT Claims "Russian Hacker" Attack Without Any Supporting Evidence
No comments:
Post a Comment
All comments subject to moderation.