
He is intelligent, but not experienced. His pattern indicates two-dimensional thinking.
I though this quote could describe many of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 advanced persistent threat critics, particularly those who claim "it's just espionage" or "cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re's nothing new about this." Consider this one last argument to change your mind. (Ha, like that will happen. For everyone else, this is how I arrive at my conclusions.)
I think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem is APT critics are thinking in one or two dimensions at most, when really this issue has at least five. When you only consider one or two dimensions, of course cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem looks like nothing new. When you take a more complete look, it's new.
- Offender. We know who cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 attacker is, and like many of you, I know this is not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir first activity against foreign targets. I visited cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 country as an active duty Air Force intelligence officer in 1999. I got all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 briefings, etc. etc. This is not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first time I've seen network activity from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. Wonderful.
- Defender. We know cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offender has targeted national governments and militaries, like any nation-state might. What's different about APT is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 breadth of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir target base. Some criticize cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Mandiant report for saying:
The APT isn't just a government problem; it isn't just a defense contractor problem. The APT is everyone's problem. No target is too small, or too obscure, or too well-defended. No organization is too large, two well-known, or too vulnerable. It's not spy-versus-spy espionage. It's spy-versus-everyone.
The phrasing here may be misleading (i.e., APT is not attacking my dry cleaner) but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 point is valid. Looking over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 APT target list, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 victims cover a broad sweep of organizations. This is certainly new. - Means. Let's talk espionage for a moment. Not everyone has cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 means to be a spy. You probably heard how effective cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 idiots who tried bugging Senator Landrieu's office were. With computer network exploitation (at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 very least), those with sufficient knowledge and connectivity can operate at nearly cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same level as a professional spy. You don't have to spend nearly as much time teaching tradecraft for CNE, compared to spycraft. You can often hire someone with private experience as a red teamer/pen tester and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n just introduce cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m to your SOPs. Try hiring someone who has privately learned national-level spycraft.
- Motive. Besides "offender," this is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 two dimensions that APT critics tend to fixate upon. Yes, bad people have tried to spy on ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r people for thousands of years. However, in some respects even this is new, because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offender has his hands in so many aspects of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 victim's centers of power. APT doesn't only want military secrets; it wants diplomatic, AND economic, AND cultural, AND...
- Opportunity. Connectivity creates opportunity in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 digital realm. Again, contrast cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 digital world with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 analog world of espionage. It takes a decent amount of work to prepare, insert, handle, and remove human spies. The digital equivalent is unfortunately still trivial in comparison.
To summarize, I think a lot of APT critics are focused on offender and motive, and ignore defender, means, and opportunity. When you expand beyond two-dimensional thinking, you'll see that APT is indeed new, without even considering technical aspects.