[yafetn]

This is interesting for several reasons.

1. It happened during the Treasury auction, and if the timing was intentional, a case could be made about it being a national security issue. The hackers disrupted the largest, and possibly most important, auction in the financial world.

2. The hackers may have unintentionally provoked an entity you definitely don’t want on your bad side: the People’s Liberation Army’s cyber arm.

3. I wonder if ICBC used a specialized courier service to send the USB stick, or if such a thing even exists. Or did they just use any old messenger service in Manhattan? If the latter, it’s funny to think that there was somebody biking across the city carrying billions of dollars worth of liquidity and settlement data and he/she would’ve been none the wiser.

[pavlov]

I bet there's a specialized courier service in Manhattan who only deliver small and boring envelopes that just happen to be extremely valuable to financial companies.

No idea what that company might be, but I'd imagine they don't use bikes just for the "bus factor" risk of that person getting into an accident and the envelope lost.

[barkingcat]

There are thousands of these kinds of services. Almost all would be bonded, some would offer armed security escorts to go with the courier (of course, for a fee).

[codetrotter]

Imagine a bicycle messenger in lime green sports clothes with a dark green box on his back, followed by two guard motorbikes all black, carrying big guns. And the motorbikes riding comically slow in order to stay with the bicyclist. Even struggling to not tip over, because of how slow they are going at times.

[barkingcat]

More like a motorcade of motorcycles, 3 at the front in arrow formation pushing out the traffic, the forward section not shy about using their guns to move people away - these would be real NYPD with badges hired during their off-duty hours, they would be carrying NYPD weapons.

Then you have the main security cordon, a quad / box. They would be on motorbikes, but it would be like guards, and since the traffic is already cleared by the forward section, it would just go at the fastest speed the cyclist courier can go.

The cyclist is in the middle of the quad/box.

Then at the back you have a rear section (also 3 NYPD off duty cops on motorbikes with firearms licenses and authorized to shoot with no consequence because they are union protected), which will block traffic from coming too close to the courier.

[notnaut]

Sounds legit, but also reads like good fanfic without anything provided for external confidence.

[eli]

I don't follow. Wouldn't you just send another USB drive? Doesn't seem any riskier than anything else sent by courier.

[hedora]

You could even send three couriers, each with the two public + private keys for the other couriers' data, and also their own encrypted blob.

[doublerabbit]

Four couriers

Three memory sticks

Two encryptions

One file

[gpderetta]

No need. The courier has an implanted memory device with 160GB capacity. But it was pushed beyond specs to 360GB for this run.

[htrp]

Its actually bike messengers

[motohagiography]

Targeting the U.S. Treasury auction means the target was the US and its cost of funding itself, where this auction facility at ICBC was just the means.

[happytiger]

I’m of the exact same mind. By missing this point people are missing the real story here. This smells like a fairly high-potency (and effective?) attack on a very vulnerable piece of critical financial infrastructure. Seems like a test perhaps?

[djbusby]

The movie industry ships HDDs in locked boxes. You call to get the code when the package is received.

I imagine the banks have something like that or even better.

[euroderf]

> You call to get the code when the package is received.

Sounds hackable.

[jakeinspace]

Nobody wants to repeat back 512 character encryption keys over the phone these days

[eli]

it's encrypted

[ok_dad]

When I was in the navy, we used to ship both guns and secret material via the regular old US postal service.