by Gokenstein 2801 days ago
In the US, the general public, engineers who discover and are tasked with preventing these attacks, and to a large extent the companies that are attacked are faced with a perverse set of incentives at the moment. Notifying federal authorities is often the best/only recourse. This results in a long waiting period where they determine the geopolitical or national interest in these attacks, and they may make recommendations on how to best navigate and mitigate the impact, but there is 0 incentive to make the fact that an attack occurred public knowledge.

How would you propose we shine a light on what bad actors, companies and individuals who are attacked, and even our own federal law enforcement would rather keep secret? How do we give law enforcement the ability to trace these attacks to their proper source during an ongoing investigation, but keep them accountable?

1 comments

With GDPR, you actually MUST inform government institutions within 48 hours when personal information is leaked.

The penalties are potentially very hefty fines (up to 2% of annual revenue, IIRC).

It is oddly silent on what government institutions MUST do within 48 hours...