[JumpCrisscross]

> Retaliating draws a larger target on you. Increasing need for ongoing security

Does it? I feel like I could pretty easily pay a mercenary group to fuck around with Iran without being particularly concerned about blowback. (My main risk would be getting scammed.)

[conductr]

If you could keep your association with that mercenary a secret then sure. But if you were IDK, Walmart, and you went on this offensive or openly admitted to backing the mercenary. Well, now that Iranian group may want to push harder. Instead of attacking your servers, they begin attacking your POS, thermostats, security cameras, time clocks, inventory mgmt hardware, etc. they eventually start targeting your employees and their personal homes and such.

They could do all this now, but they generally don’t. Poke the bear and it might bite.

[antonymoose]

Having worked in anti-Phishing brand protection firm on behalf of firms like Apple, it absolutely draws a target on your back.

We used to receive routine threats from the IRGC on top of the usual DDoS attacks on our systems. Turns out cybercriminals don’t like it when you disrupt their cash flow. Thankfully we never got SWAT’d or had a box of heroin shipped to our office like that one journalist.