[TeMPOraL]

That would be the reverse of the usual strategy, wouldn't it? Most companies seem to try to pin breaches on sophisticated hacker groups backed by nation states. But then, they benefit from the perception of a threat that's impossible to defend from (so there wasn't anything they could do) - whereas Ubiquiti benefits from people thinking the attack was just a small actor that couldn't possibly threaten Ubiquiti's customers.

[rossipedia]

Yes, you're right. But I don't really expect them to make the "smart" or "usual" play. That would honestly surprise me. Now, pinning it on somebody that was generally disliked because they constantly blocked things that had obvious gaping security holes? Basically sicking law-enforcement on somebody out of pure spite? I can absolutely believe that.

[woofie11]

Accusing whistleblowers of criminal activity?

That's a pretty common ploy. Been there, done that. Early in my career when I was naive enough to try to whistleblow on things over my head.

[TeMPOraL]

Accusing whistleblowers and reporters is indeed common - it pretty much seems the standard behavior in infosec in particular.

What I meant was something different. The breach, as I understand it, was quite critical. Ubiquiti in this case could take the standard corporate spiel of "it has hallmarks of a nation state attack, there was nothing we could do" bullshit disclaimer - but given the nature of this breach, every customer of theirs would now be wondering if $Enemy has put malware in their infra, and whether it isn't a good idea to smash it all with a hammer and buy new one from someone else. So I suspect Ubiquiti is going the other way, blaming it on a single, inconsequential individual, that absolutely, positively didn't give access to anyone else, and thus nobody's infra was in any danger.

(Note: I have no inside knowledge, or even any deep knowledge, of this topic - I'm just a random Internet person speculating.)

[tobr]

I’d love to hear that story, if you can share it!

[ex_ubiquiti]

There was a lot of infighting and turf wars when I finally quit. I'm not even surprised that this latest turf war spilled into the news.

[peteretep]

> nation states

Nation state is not a fancy infosec way of saying country

[TeMPOraL]

Nah, most of the time it's just a fancy infosec way of saying "it was likely ordinary criminals, or even some script kiddies, but it would be quite embarrassing to admit that".

[cutemonster]

Why don't they say "country"? Or just "nation"?

(Can it really be because "nation state" is more fancy?)

I can understand, though, why they don't say "state" -- maybe that'd sound as if a single state in the US had attacked

[peteretep]

I think this derives from “state-sponsored”. “The state” has a distinct meaning from country or nation which I think is important to capture too.

I think your point about confusion with constituent states is spot on though