by thephyber 2198 days ago
It's more analogous to saying "the defense contractors for a new stealth plane failed to protect the designs and prototypes, so the enemy now has all of the detailed info they need to build countermeasures against this stealth technology". Securing the plans for stealth is a key requirement of the stealth continuing to work.

Also, I'm sure those members of "the hacking team" weren't allowed to discuss their work with their family/friends, so it's not terribly unrealistic to expect them to use even just basic security hygiene (e.g. don't share admin passwords).


No, that's not the analogy at hand. The designers of a stealth plane are just that. The right analogy would be if the Navy SEALs designed a secret weapon, someone infiltrated their ranks and exfiltrated the weapons plans. Navy SEALs are not immune to moles. No org is.

Your implication that this was due to lack of proper security hygiene is unfounded. Security hygiene reduces risk; it does not eliminate it. Risk is proportional to threat and attack surface; for an org like the CIA they have not-so-small attack surface and the whole world as their threat, so reduction in risk by means of common security controls and hygiene will not reduce risk from the most persistent and resourceful attackers. An analogy to your reasoning would be "Google has an army of devs and security pros, so Chrome should never have a remote code execution vuln". No, as much as they may have money and talent, modern software is too complex for those resources to eliminate all bugs. Perspective is important.

I agree that your analogy works better.

> Your implication that this was due to lack of proper security hygiene is unfounded. Security hygiene reduces risk; it does not eliminate it.

Nope. No security professional will admit that anything ever eliminates risk, so that's a strawman fallacy.

The point is that sharing admin passwords is a blatant violation of cybersecurity hygiene which every employee of the CIA is capable of understanding and avoiding. If the org can't enforce even just the basic stuff, there's not much hope of raising standards above that.

> from the most persistent and resourceful attackers.

Here's a secret that everyone already knows: the most persistent and resourceful attackers will always get in given enough time.

I agree on both of your last two points. Not sure where we disagree then.