Russian Hackers?
1 view
Skip to first unread message
Jack Ring
Jan 1, 2017, 3:06:35 AM1/1/17
to astewg
Regarding
https://www.washingtonpost.com/world/national-security/russian-hackers-penetrated-us-electricity-grid-through-a-utility-in-vermont/2016/12/30/8fc90cc4-ceec-11e6-b8a2-8c2a61b0436f_story.html?utm_term=.9032dd1d8ddf
Let’s be clear —
1. If you send an email asking for their password update are you a hacker?
2. If they respond with a new password are they a hacker?
3. If the password update enables you to do things on their system that you could not do before are you a hacker?
4. If you actually do things on their system are you a hacker?
5. If you determine that someone did something on your system can you be sure of their intent?
6. in JAR-16-20296, Do the "Recommended Mitigations; Commit to Cybersecurity Best Practices” comprise an adequate system security scenario?
7. If you are responsible for and do not act to remove all vulnerabilities in your own software and systems then are you a hacker?
Jack Ring
https://www.washingtonpost.com/world/national-security/russian-hackers-penetrated-us-electricity-grid-through-a-utility-in-vermont/2016/12/30/8fc90cc4-ceec-11e6-b8a2-8c2a61b0436f_story.html?utm_term=.9032dd1d8ddf
Let’s be clear —
1. If you send an email asking for their password update are you a hacker?
2. If they respond with a new password are they a hacker?
3. If the password update enables you to do things on their system that you could not do before are you a hacker?
4. If you actually do things on their system are you a hacker?
5. If you determine that someone did something on your system can you be sure of their intent?
6. in JAR-16-20296, Do the "Recommended Mitigations; Commit to Cybersecurity Best Practices” comprise an adequate system security scenario?
7. If you are responsible for and do not act to remove all vulnerabilities in your own software and systems then are you a hacker?
Jack Ring
Reply all
Reply to author
Forward
0 new messages