Hacker News new | ask | show | jobs
by phantom_oracle 3567 days ago
Blaming China or Russia is lazy writing. It could be just about anyone, including a rogue internal agency doing a spoof-attack to precisely cause the blame to go towards the obvious "state actors".

Cyber-warfare is the 'new' war and just like any war, misinformation plays an important role.
2 comments
m0nty 3567 days ago
> Blaming China or Russia is lazy writing

It's what the author is being told by the people he has spoken too. Maybe a lazy assumption on their part, but it's not lazy writing. And your point is directly addressed in TFA:

"The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it's possible to disguise the country of origin for these sorts of attacks."

It would be interesting to know the sort of resources needed for this kind of attack/probing. Is it limited to state actors, or could we all play? Is the objective simply to be prepared, or is there a plan afoot?

link
AnimalMuppet 3567 days ago
> Is it limited to state actors, or could we all play?

Per the article, no, we can't all play. We don't have either the bandwidth or the expertise.

link
m0nty 3567 days ago
> Per the article

Not quite, it says "If the attacker has a bigger fire hose of data than the defender has, the attacker wins" and "the size and scale of these probes—and especially their persistence—points to state actors" which is not quite the same as saying you need to own the bandwidth. For example, DNS amplification can be used "to turn initially small queries into much larger payloads, which are used to bring down the victim’s servers".

https://www.incapsula.com/ddos/attack-glossary/dns-amplifica...

So maybe there are other techniques which might allow for similar leverage. Neither is the article conclusive about "state actors", they are merely "pointed to". As for expertise ... I don't doubt there are people out there who have it or might acquire it. So it's still an interesting question imo.

link
AnimalMuppet 3567 days ago
OK, perhaps I phrased it slightly wrong. I can't play, because I don't have the bandwidth or the expertise. I think that most of us on this board are in that category. (There's expertise here, but most of it isn't on the level of these attacks.)
link
city41 3567 days ago
Since he took the time to explain what a DDOS is, I think he felt the need to say "China or Russia" to help set the scale for people reading who aren't familiar with this kind of stuff.
link