Re: Chinese hackers steal code for Joint Strike Fighter and more

Bruce In Bangkok <decypher.address@xxxxxxxx> writes:

Apparently the saying "those who refuse to learn from history are
doomed to repeat it" is true.

It's not a matter of refusing to learn from history.
These systems were protected. However, they are complex, and all it takes is ONE hole.

The systems that were compromised had important, but non-classified
documents. Vendors have to exchange documents all the time, using
secure VPN's, encryption, etc. But it does no good.

For example, there was a zero day exploit on Microsoft
Excel. Microsoft did not have a patch for this flaw for weeks. Use
social engineering, and send someone a spread*** with budget
projections, and the victim opens it up and ZAP - they are
compromised.

VPN's and encryption does't help.

Security is always a budget problem. You can increase spending by ten
times. How much improvement in your security is that? Try to convince
someone that they need to spend 10 times what they spent last year,

There's a cartoon I saw.

A bunch of security experts are sitting around.

"Anything happen today?" "No?"

"Good job team!"

So when they do their job - nothing happens.


WOuld you give someone a raise for seemingly doing nothing?






.