by hassanahmad on 4/24/24, 6:37 PM with 31 comments
by everdrive on 4/24/24, 7:22 PM
by spxneo on 4/24/24, 8:08 PM
but perhaps the biggest enablers of these security lapses aren't just the shoddy cybersecurity management but the political environment
anytime you try to fix or address an issue, the opposition party will take a contrarian stance without merit.
no political party in America will disagree with the events of 9/11, yet in South Korea a disagreeing/contrarian stance is the default because they have a premature understanding of what democracy is (ex. https://en.wikipedia.org/wiki/ROKS_Cheonan_sinking - imagine if a major American political party started refuting the events of 9/11 and defending Al Qaeda!)
so it's no wonder that stuff like this will result in no arrests and waste valuable tax dollars.
by resource_waste on 4/24/24, 7:32 PM
It's far easier to be a hacker than a programmer of the same economic/political influence. You can take the second or third tier of programmers and they will be able to get you into a system.
My only thought is to only prevent non-anonymous entry, require some real world presence, and have captchas between commands... This doesn't scale.
by HenryBemis on 4/24/24, 7:19 PM
One of my latest gigs was on Third-Party Security. For years and years companies (especially banks) were giving little to no attention to third-party security/privacy. I've happily seen that over the past 5 years most (mega-big) banks have taken it "all the way up to 11".
Hackers are smart people, why hack company X with 50 people on their SOC and not hack a vendor that is lazy and clumsy? (and in some cases it's 5 guys with laptops behind a cheap never-hardened router in some random country)
by vondur on 4/24/24, 7:33 PM
by verisimi on 4/24/24, 7:16 PM