Re: Spitballing IoT Security

[Tom Beecher <beecher () beecher cc>]

"That means the motive was prep for terrorism or cyberwar by a
state-level actor. "

Or, quite possibly ( I would argue probably) it was marketing. Show off the
capabilities of the botnet to garner more interest amongst those who pay
for use of such things.

On Sat, Oct 29, 2016 at 2:07 PM, Eric S. Raymond <esr () thyrsus com> wrote:

> bzs () TheWorld com <bzs () TheWorld com>:
> > On October 28, 2016 at 22:27 list () satchell net (Stephen Satchell) wrote:
> >  > On 10/28/2016 10:14 PM, bzs () TheWorld com wrote:
> >  > > Thus far the goal just seems to be mayhem.
> >  >
> >  > Thus far, the goal on the part of the botnet opearators is to make
> >  > money.  The goal of the CUSTOMERS of the botnet operators?  Who knows?
> >
> > You're speaking in general terms, right? We don't know much anything
> > about the perpetrators of these recent Krebs and Dyn attacks such as
> > whether there was any DDoS for hire involved.
>
> We can deduce a lot from what didn't happen.
>
> You don't build or hire a botnet on Mirai's scale with pocket change.
> And the M.O. doesn't fit a criminal organization - no ransom demand,
> no attempt to steal data.
>
> That means the motive was prep for terrorism or cyberwar by a
> state-level actor.  Bruce Schneier is right and is only saying what
> everybody else on the InfoSec side I've spoken with is thinking - the
> People's Liberation Army is the top suspect, with the Russian FSB
> operating through proxies in Bulgaria or Romania as a fairly distant
> second.
>
> Me, I think this fits the profile of a PLA probing attack perfectly.
> --
>                 <a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>