|
|
|
|
|
|
by throwaway8581
1902 days ago
|
|
|
This kind of analysis is basically worthless because you don’t know whether they are operating at multiple levels of deception by, e.g., making you think they are a stupid script kiddie and that you successfully wiped them out. |
|
|
If there's a cyber security firm that's been hired to provide analysis they're going to be combing through egress traffic to find anything suspicious. But, egress traffic is difficult and expensive to analyse.
Worse yet, the attackers could easily just sit there and not use their attack methods for a little while and start up their compromises in weeks or months. You couldn't be certain nothing's still there till you ripped the AWS resources out and replaced them.