PDA

View Full Version : Home depot hacked..



garhkal
09-20-2014, 07:47 PM
With Home Depot being hacked, we have had 3 big scares this year alone in large companies getting credit card data stolen, and once again it seems criminals in Russia (where we can't go and do anything) are to blame.

What do you think we should do in cases like this where legally we can't go into the country to pursue those responsible?
What should be done to those in countries where we can go?
What about those who use those illegal sites to buy stolen info from?

Stalwart
09-20-2014, 08:15 PM
What do you think we should do in cases like this where legally we can't go into the country to pursue those responsible?

In cases like this, where the intrusion is a crime and not a threat to national security, there is little we can do other than indict those we figure out are responsible, and then wait to see if they ever transit to a country that would extradite them for a trial. If the crime is the result of a larger State (capital S) sponsored activity, we should consider financial restrictions or a seizure of assets to offset the cost of our own law enforcement and to reimburse those impacted.



What should be done to those in countries where we can go?

We really can't 'go' anywhere without the permission of the host nation. Even then we are usually assisting the host nation in apprehending the folks and then we can accept custody if they wish to transfer them. Again, barring a State action that is designed to critically impact national security, it is a law enforcement issue.



What about those who use those illegal sites to buy stolen info from?

Find where they are hosted, shut them down.

BT BT

This is a new and kind of creepy area. What defines a cyber attack that has national defense/security concerns is a pretty specific definition. By an large, this stuff is a criminal issue, and it amounts to theft, albeit the theft of billions of dollars but theft nonetheless. We also have to be very careful where some States have said things to the effect of "attack us non-kinetically and we will respond kinetically."

Absinthe Anecdote
09-21-2014, 09:44 PM
In cases like this, where the intrusion is a crime and not a threat to national security, there is little we can do other than indict those we figure out are responsible, and then wait to see if they ever transit to a country that would extradite them for a trial. If the crime is the result of a larger State (capital S) sponsored activity, we should consider financial restrictions or a seizure of assets to offset the cost of our own law enforcement and to reimburse those impacted.




We really can't 'go' anywhere without the permission of the host nation. Even then we are usually assisting the host nation in apprehending the folks and then we can accept custody if they wish to transfer them. Again, barring a State action that is designed to critically impact national security, it is a law enforcement issue.




Find where they are hosted, shut them down.

BT BT

This is a new and kind of creepy area. What defines a cyber attack that has national defense/security concerns is a pretty specific definition. By an large, this stuff is a criminal issue, and it amounts to theft, albeit the theft of billions of dollars but theft nonetheless. We also have to be very careful where some States have said things to the effect of "attack us non-kinetically and we will respond kinetically."

The FBI has a pretty good Cyber Crimes Division, and they do work with foreign governments to prosecute hackers world-wide. Sometimes relations with countries like China and Russia are tricky, but there is some level of cooperation going on.

As far as threats to national security, and banking crimes. The Banking sector is considered part of the critical infrastructure of the United States, so when banks and credit card providers are hit, it gets plenty of attention. But you are right about it being primarily a law enforcement matter when it is determined to be non-state actors. Still, cyber is one of those fields were there are overlapping concerns.

Some of the rationale behind creating DHS was to unify the different federal agencies with pieces of the mission for securing the homeland. While I often have to try hard to find good things to say about DHS, my time spent there as a contractor allowed me to see a good amount of cooperation between the private sector and the federal government.

In the case of Home Depot getting hacked, I'm sure the the cyber guys from the credit card companies and the banking industry have done forensics on the Home Depot intrusion, and forwarded their findings to the appropriate law enforcement agencies. If it traces to a foreign location, that would be the FBI. Besides, even if it turn out to be domestic, the FBI would be involved.

For banking, there is an industry-wide cyber security effort that works closely with federal authorities on a daily basis.