OPERATION SHADY RAT: Or As I like To Call It: "Operation Shady Crap"
First, let me preface with an expletive laced rant that will be stripped for the straights at Infosec Island (Editors note - Scot's right, we cut the excessive expletives)...
Please forgive the capslock shouting, but I cannot contain myself here:
HOLY WHAT THE HECK?
McAfee WHAT IS THIS EPIC BALONEY YOU ARE PUTTING OUT THERE TO FUD THE CONGRESS INTO WANTING TO SEE IT? ARE YOU THAT DESPERATE TO APPEAR AS TO KNOW WHAT THE HECK IS GOING ON WITH REGARD TO APTs THAT YOU PUT THIS “BOOGA, BOOGA, FEAR, FEAR, FEAR, FUD, BUY OUR PRODUCTS CUZ WE SAW SOME CRAP” LIGATT-IAN PRESS RELEASE?
YOU ARE WASTING OUR COLLECTIVE TIME AND IF YOU GO TO CONGRESS WITH THIS BALONEY, I FULLY EXPECT TO SEE A NO CONFIDENCE VOTE IN THEM AND YOU!
NO... WAIT… I ALREADY THINK YOUR PRODUCT IS JUST STUFF.
CONGRESS… WELL WE KNOW HOW USELESS THEY ARE TOO... I GUESS YOU SHOULD BE FAST FRIENDS HUH?
OK, now that I have that out of my system, I will now attempt to explain a few things in a civil manner on the RAT/APT situation. First off, there is nothing new here as I have said before on numerous occasions.
This type of activity says more about the laxity of the targets security as well as the intent of the adversary in gathering state desired secrets on the part of China. The simple facts are these:
- China wants to have an edge and it finds itself using the Thousand Grains of Sand strategy to its benefit in the digital arena
- We have made it easy for them to compromise our systems due to lack of accountability and the short term gains seen by individuals within companies
- The adversary is smart and will do what it takes up to even intercepting helpdesk tickets and fielding problems to keep their persistent access!
- This has been going on for a long time and now is just getting out to the press.. Ok, I get that, but really, sowing FUD to win business will not help
It is readily apparent from this POS that McAfee has put out that they are just fishing for some press here for their flagging AV sales.
This paper gives nothing relevant to the story around APT and as such, it should be just relegated to the dustbin of the internet and forgotten. Yes, the US was a major target but others were as well.
This is a nation state working on these APT attacks, come on now! They have more interests than just the US! Just as much as you (McAfee) had access to ONE server out of many! Never mind all the others that were fleeting and pointed to by DYNDNS sites!
Really McAfee, you come off looking like rank amateurs here… Well, I guess you are really for pulling this little stunt altogether.
The adversary has been around for a long time. No one product nor service is going to protect us from them (that means you McAffee) so it is useless to try and sell us the snake oil you would like to.
It is our own human natures that we have to overcome to handle the least of the problems that feed into group think and herd mentality in corporations and governments.
Face the facts, they are here to stay and we need to learn the game of ‘Go’ in order to play on their field.
Unfortunately, we get dullards like these (McAfee) crying wolf and offering unctions to take our troubles away.. Unfortunately all too often there are too many willing to buy into their crap.
And we keep losing.
Cross-posted from Krypt3ia