RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
December 21, 2020 at 8:36 am
(December 21, 2020 at 8:01 am)FlatAssembler Wrote:(December 20, 2020 at 8:46 pm)HappySkeptic Wrote: It is entirely possible. That doesn't mean we really know the truth yet.
Hacking isn't easy for the average person. The hackers out there build on exploits that have taken hundreds or thousands of hours each to find and. They use toolkits floating around the darkweb that prey on un-patched systems.
Finding a new exploit is hit-and-miss, and takes time. Creating an exploit gives a huge payoff, but takes a lot of planning.
Virus checkers are very poor at finding novel exploits. They typically search for signatures of known viruses in code, as well as scan for changes in boot files. They cannot search for new malicious code in actual programs that have been given permission to run. Any program, when given access to run, can do key scans, open ports, search for files on the system. Hack a trusted updater, and it has the permission to update programs.
Of course virus checkers can be updated to find the new threat, but only after it is analyzed and virus checkers updated.
Think of a virus scanner as your immune system. It can only react to what it has been exposed to already. A novel virus doesn't get caught.
But, obviously, antivirus programs are trying very hard to detect unknown malware. If they did not, false positives would not be a problem.
(December 20, 2020 at 4:10 pm)BrianSoddingBoru4 Wrote: They are. Of course, it helps that the US has a complicit president.
Boru
But antivirus software don't care who is the president, do they?
No, but the people who create the virus software just might.
Boru
‘I can’t be having with this.’ - Esmeralda Weatherwax