Twitter | Search | |
Kim Zetter
I wonder if Congress will hold a hearing to discuss the issue of a private US company taking on the role of the NSA to hack foreign military computers. This raises a lot of issues about potential national security blowback when a private company inserts itself in state matters.
Reply Retweet Like More
Thomas Wallutis Jun 24
Replying to @KimZetter
Another step forward to Shadowrun.
Reply Retweet Like
Robert Clardy Jun 24
Replying to @KimZetter
That would be an incomplete, one sided query. There’s no barriers between state and non-state when teens can rent tools to crash networks internationally, and hackers leap between government and personal crime as the book points out
Reply Retweet Like
Per Thorsheim Jun 24
Replying to @KimZetter
Does this mean that the employees of that private company become "legitimate" military surveillance targets for China, working as spies on behalf of the US government?
Reply Retweet Like
Kim Zetter Jun 24
Replying to @thorsheim
That's definitely the risk they take.
Reply Retweet Like
Andrew Jun 24
Replying to @thorsheim @KimZetter
Do you think foreign intelligence entities have a series of executive orders that say they cannot spy on "regular people"? If the Chinese intrude on private companies to steal IP and monitor dissidents, do you think private security companies are off limits?
Reply Retweet Like
Tony Naggs Jun 24
Replying to @KimZetter @thorsheim
This seems likely to be contagious, private cyber security company involved in miltary/natsec hacking, their other commercial customers risk becoming conflated with this situation too
Reply Retweet Like
🤖 Jun 24
Replying to @KimZetter
Shouldn't that be "role of the CIA", I thought the NSA's mandate could include writing an active measure but could not include taking active measures on foreign soil.
Reply Retweet Like
Nicholas J. Higgins Jun 24
There is an argument, I imagine, the the congressional power to grant letters of marquee allow the use of technology pirates.
Reply Retweet Like
Per Thorsheim Jun 24
Replying to @KimZetter
Well, if I were ever to do something like that for any given, I would keep it secret for sure. Not to mention what a lot of (US) infosec people tend to put in their LinkedIn profile....
Reply Retweet Like
Per Thorsheim Jun 24
Replying to @QW5kcmV3 @KimZetter
Absolutely not. But if you talk & boast about it you are for sure painting a big, visible "hack me, shoot me" target on yourself. Which, imho, is a very stupid thing to do.
Reply Retweet Like
ralph headroom Jun 24
Replying to @ramriot @KimZetter
yeah and posse comitatus stops the us military from operating on us soil, in theory. except it doesn't stop them from participating on the war on drugs. ie, they do whatever the hell they want to do.
Reply Retweet Like
Todd Heberlein Jun 24
Replying to @KimZetter
I haven’t read the original story yet, but if the “hack” was via a Trojaned document that the APT stole, I don’t think that is as big of an issue. There is a long history of documents that “call home” when viewed.
Reply Retweet Like
Todd Heberlein Jun 24
Replying to @KimZetter
Another complicating factor is that private citizens and companies are already targets of nation state attackers. Every day private citizens are involved in cyber conflict with nation states by necessity just defending their networks.
Reply Retweet Like
Bill Woodcock Jun 24
Replying to @thorsheim @KimZetter
It’s Mandiant. They already were, just as much as Lockheed.
Reply Retweet Like
HenkePenk Jun 24
Replying to @KimZetter
Or when a chinese investor buys it..
Reply Retweet Like
STRIPHY Jun 24
Replying to @KimZetter
Just call the cops. This is criminal, reckless, arrogant...how can anyone trust them now? What else have they been up to since then? This is published in a book like some kind of brag but these guys should be in prison.
Reply Retweet Like
Dave Dittrich Jun 24
Replying to @KimZetter
Can’t agree more.
Reply Retweet Like
STRIPHY Jun 24
Replying to @KimZetter
This should be the ideal test case for "hacking back". They had a profit motive and were acting as private citizens. It is deeply concerning that these guys are still in business.
Reply Retweet Like
STRIPHY Jun 24
Replying to @KimZetter
Where do you draw the line? Is it ok to hack networks in countries outside the US, or just some countries, or just networks of some organisations in some countries etc. There is no way in hell that is legal.
Reply Retweet Like