|
|
|
|
|
|
by ozo
3294 days ago
|
|
|
>that only a domain expert with highly specialized experience Correct me if I'm wrong, but WannaCry isn't highly sophisticated. It weaponizes already known vulnerabilities to exploit soft targets on a large, but unsophisticated scale (because most of the victims are soft targets in terms of computer/network security). Ransomware is not a new idea either. Combining these things (known exploits, soft targets, ransomware) doesn't require genius or _highly_ specialized domain knowledge, hard to acquire intelligence or huge amounts of resources (labor or money). Any state capable of consistently spending a couple million dollars per year on a team for offensive security operations could, I suppose, pull this off. |
|
|
> that only a domain expert with highly specialized experience could even recognize
Notably, it's about the expertise needed to recognize and identify the attack, not to launch it.