Quote:
Originally Posted by suzzer99
Our head security guy said "nation state hackers" are what keeps him up at night. He said it's been estimated that they've penetrated and have free access to most if not all Fortune 100 companies' networks. Could they put the screws to pretty much any company they want at this point?
We have a site that we built and we continue to maintain and support for a research group in DC that produces a lot of research on Chinese technological threats and state-sponsored hacking.
As soon as the site went live, IPs in China started making requests/scanning the site furiously, and when they apparently didn't find any vulnerabilities they DDoS'd it (which we fought as best we could by essentially playing whack-a-mole with IP ranges for a while).
After over a year now they haven't been able to get access to the site (as best we know), even though they still try quite often. Now we have upgraded their infrastructure, have them behind a CDN, and have a lot of active monitoring set up in case something goes bad.
One of the biggest factors in exposing a system is, like you are asking about, getting the virus into the system. Usually, this does not come down to actually penetrating the exterior wall of a system. While it is obviously theoretically possible to break most things if you have enough time and money, social engineering is usually a TON more efficient way to go about it. Our client is good about how they manage access and who can do what on the website; as long as those people don't do something dumb, they are in decent shape.
All it takes is someone cold calling a secretary and being told "Hi, this is Julie... Sorry, Jim is on a business trip, can I take a message?", and then having someone call and say "Hey Julie, I'm supposed to send Jim something for his meeting this afternoon, all I have is his number, can I email it to you and have you send it to him..."
It's my impression that in a lot of cases this type of social engineering is a huge part of how they get viruses into the systems to be compromised. Not sure how Stuxnet was delivered, but I imagine the Iranian engineers occasionally met with people from Siemens; all it takes is a flash drive with documentation, etc., and you are then into the network.