My initial thought was that there are threat actors who just like kicking over the sand castles of “The West.”
However, this seems just as plausible:
> Cybersecurity experts are perplexed as to why Gemini North was the target. “Quite possibly, the attacker doesn’t even know they are attacking an observatory,” says Von Welch, retired lead of the NSF Cybersecurity Center of Excellence.
"had an exchange server" - fixed that for you. I mean, after the patch is before the patch; whoever still runs Exchange servers just deserves it. There is occurrence after occurrence that repeatedly shows they are not only incapable, but then also blame others more than they take responsibility for their Swiss cheese software...
Suppose someone sells cyberattack services. A prospective customer asked for a demo before shelling out big bucks on attacking the real target(s).
They needed something that would bring attention from media, but not a major outcry and security overhaul at the real target. A telescope fits the bill: it's not going to blow up or crash down, it has a small staff, and it's not an obscure thing that everyone would ignore in the news.
If it's a state actor - the Chinese and Russians do it for practice and to sow general chaos / destruction of US infrastructure, costing money and tying up resources. Sometimes it's just to slow down other countries' academics.
If it's not, it's a group doing it for practice, the lulz...and under the encouragement (or at least ambivalence) of the Russian or Chinese.
Do we really need to bring Russo/Sinophobia into this?
As the article explains: the attackers likely don't even know it's an observatory. Hackers will attack anything they find wide open, and as anyone with a public server on the internet knows, they scan the whole internet all the time looking for victims - and they mostly don't care who the victim is as long as it can pay off.
3. Encrypting and ransoming the computer's contents
All of the above can be done to/with almost any computer on a network, so the intrinsic benefit from hacking extends to just about every computer with a network connection.
That wasn’t a value judgement on my part; I don’t think it’s fun. Only that “for the lulz” has been a common justification for some attackers in the past.
I mean, not really. If you go down that route too long you end up with something that has an attack surface so small/specific you'll never see it in the wild. There are almost always unknown variables that you can't know about or control for until you actually encounter them.
Plus, popping your first live box is an ancient rite of passage.
"For the lulz" was the tagline of many a hacker and script kiddie back in the day. Graffiti is also vandalism, and done for the lulz by toys and pros alike.