|
|
|
|
|
|
by tptacek
1894 days ago
|
|
|
Again, I think it's very silly to point at any country, and particularly a country as huge as Iran, and suggest that they're somehow limited to "low-brow phishing, DoS, and website defacements". Iran can pull a million dollars out of their couch cushions any time they want. Do you know how much offensive cyber capability 1MM buys? When it comes to the stuff we use on HN as a measure of sophistication, the answer is: a lot. North Korea can't even feed its own people or keep the lights on in 2/3rds of the country. But nobody suggests they're unsophisticated cyber actors; that would be a demonstrably silly statement. Meanwhile: people routinely travel in and out of Iran; if you're not an American, it remains a major tourist destination. They have trade relationships around the world. They're not a hermit kingdom. If they want a world-class "APT" team, or 15 of them, all they have to do is decide to have them. (I assume they decided that a long time ago). If you think Iran is unsophisticated or has minimal capabilities, I'd suggest you just look at a map, and, for bonus points, a GDP ranking, and consider that whatever evidence you personally may have collected on Iran's capabilities, you're seeing what they've allowed you to see. Myself, I wouldn't even pick a fight with Kiribati. |
|
|
What's the difference between what they can do, and what the leading countries in cybersecurity (US, Israel) can do(offensively and defensively)?
Is there a significant difference?