Operation Shady Rat: Or As I like To Call It...

Monday, August 15, 2011

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

OPERATION SHADY RAT: Or As I like To Call It: "Operation Shady Crap"

First, let me preface with an expletive laced rant that will be stripped for the straights at Infosec Island (Editors note - Scot's right, we cut the excessive expletives)...

Please forgive the capslock shouting, but I cannot contain myself here:

HOLY WHAT THE HECK?

McAfee WHAT IS THIS EPIC BALONEY YOU ARE PUTTING OUT THERE TO FUD THE CONGRESS INTO WANTING TO SEE IT? ARE YOU THAT DESPERATE TO APPEAR AS TO KNOW WHAT THE HECK IS GOING ON WITH REGARD TO APTs THAT YOU PUT THIS “BOOGA, BOOGA, FEAR, FEAR, FEAR, FUD, BUY OUR PRODUCTS CUZ WE SAW SOME CRAP” LIGATT-IAN PRESS RELEASE?

YOU ARE WASTING OUR COLLECTIVE TIME AND IF YOU GO TO CONGRESS WITH THIS BALONEY, I FULLY EXPECT TO SEE A NO CONFIDENCE VOTE IN THEM AND YOU!

NO... WAIT… I ALREADY THINK YOUR PRODUCT IS JUST STUFF.

CONGRESS… WELL WE KNOW HOW USELESS THEY ARE TOO... I GUESS YOU SHOULD BE FAST FRIENDS HUH?

image

OK, now that I have that out of my system, I will now attempt to explain a few things in a civil manner on the RAT/APT situation. First off, there is nothing new here as I have said before on numerous occasions.

This type of activity says more about the laxity of the targets security as well as the intent of the adversary in gathering state desired secrets on the part of China. The simple facts are these:

  • We have made it easy for them to compromise our systems due to lack of accountability and the short term gains seen by individuals within companies
  • The adversary is smart and will do what it takes up to even intercepting helpdesk tickets and fielding problems to keep their persistent access!
  • This has been going on for a long time and now is just getting out to the press.. Ok, I get that, but really, sowing FUD to win business will not help

It is readily apparent from this POS that McAfee has put out that they are just fishing for some press here for their flagging AV sales.

This paper gives nothing relevant to the story around APT and as such, it should be just relegated to the dustbin of the internet and forgotten. Yes, the US was a major target but others were as well.

This is a nation state working on these APT attacks, come on now! They have more interests than just the US! Just as much as you (McAfee) had access to ONE server out of many! Never mind all the others that were fleeting and pointed to by DYNDNS sites!

Really McAfee, you come off looking like rank amateurs here… Well, I guess you are really for pulling this little stunt altogether.

The adversary has been around for a long time. No one product nor service is going to protect us from them (that means you McAffee) so it is useless to try and sell us the snake oil you would like to.

It is our own human natures that we have to overcome to handle the least of the problems that feed into group think and herd mentality in corporations and governments.

Face the facts, they are here to stay and we need to learn the game of ‘Go’ in order to play on their field.

Unfortunately, we get dullards like these (McAfee) crying wolf and offering unctions to take our troubles away.. Unfortunately all too often there are too many willing to buy into their crap.

And we keep losing.

K.

Cross-posted from Krypt3ia

Possibly Related Articles:
13337
Network->General
Information Security
China Hacking McAfee APT Advanced Persistent Threats Congress Shady Rat
Post Rating I Like this!
Default-avatar
Neil Excellent Rant!!!
1313506411
Default-avatar
Ismi Muftahdina Good Job
1313526292
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.