It is really important, in infosec and natsec, to understand if your adversary is making a tactical or a strategic choice.
For instance, why are they moving laterally? Is it because they just aren’t able to get their tool to run, or because they know exactly what system they want to reach on your network?
Is the immediate attack a distraction, or is it the point?
Good analysis and intel are very important for this reason. Not just a bunch of IOCs. Real operational understanding and intelligence.
If you do not understand the difference between tactics, strategy, and logistics, I highly, highly recommend you read up on this. It’s one of those military concepts that really does apply to cybersecurity and business. en.m.wikipedia.org/wiki/Tactic_(m…
We aren’t going to just forget that one of “ours” in our professional community enabled the events of the past week, are we? What ended up happening to this chucklenuts?
I know I am not the first one to say this, but there are a lot of very well credentialed people in tech worrying what would happen if internet giants collectively de-platformed a group who isn't right wing, while totally erasing the fact that it already happened to sex workers.
(Which is not a reason not to worry about the power that internet giants and infrastructure provide and the ethical and legal complications. Just stop erasing an entire group of people, many of whom have suffered horrible abuse or worse as a result.)
If there was one thing I was brought up wrong about even by a relatively liberal, non-religious family, it was what sex workers go through each and every day, and how unfairly persecuted they are. I regret not knowing that sooner.
I am so tired of conspiracy theories about 1) Nationwide blackouts 2) Nationwide internet takedowns
It's like suggesting somebody is going to simultaneously unscrew every screw of varying sizes and types in your home.
Neither of those things is happening in modern times without a nuke or an asteroid.
Also, the "national blackout" wet dream conspiracy theory is about the lamest one I can possibly think of - grow some post-apocalyptic creativity. Places all over the world do fine with unstable power. I think of 11 more interesting ways to destroy civilization by breakfast.
We live in wild times. Absolutely unbelievable, what’s happened in the span of one week. So much precedent being set, too.
I find the Parler takedown especially fascinating. Yes, there’s schadenfreude because many awful humans are using it to hurt people, but it is also a glimpse into all the logistical and technical elements that make a modern social site “go”, who can cut them off, and how fast.
We watch malware site and infrastructure takedowns all the time, but those are often LEO backed and not normally like, web presences with MFA and legitimate payment processing.
I would pay very serious and close attention to Mr. Nance. He is an eminently credible expert and I trust his judgement. Review your physical security plans at offices and data centers.
The safety and security of your people comes first. How are they protected, and how can they be rapidly evacuated or shelter safely in place? Have they recently drilled fire and active shooter scenarios? Is it essential they be on site?
After that, consider your disaster recovery, data security, and redundancy planning specific to physical attacks. What happens if there is major damage to a single data center or its links? Have these plans been reviewed and adjusted since the pandemic impacted operations?
Many many tweeters who think Parler is down because of App Store removal, and also that that somehow violates their 1st Amendment rights.
Clarification: both of those things are untrue.
Removing an app from the store simply makes it unavailable to download or update. The first amendment protects Americans from government suppression of free speech. Thank you for coming to my TED talk.
Twitter could change its TOS to ban all mention of pancakes, and promptly ban me for no other offense.