Results 1 to 3 of 3

Thread: Home depot hacked..

  1. #1
    Senior Member
    Join Date
    May 2008
    Location
    Columbus, ohio
    Posts
    3,306
    Mentioned
    29 Post(s)

    Home depot hacked..

    With Home Depot being hacked, we have had 3 big scares this year alone in large companies getting credit card data stolen, and once again it seems criminals in Russia (where we can't go and do anything) are to blame.

    What do you think we should do in cases like this where legally we can't go into the country to pursue those responsible?
    What should be done to those in countries where we can go?
    What about those who use those illegal sites to buy stolen info from?

  2. #2
    Senior Member Stalwart's Avatar
    Join Date
    Mar 2010
    Location
    Annapolis, MD
    Posts
    1,055
    Mentioned
    4 Post(s)
    Quote Originally Posted by garhkal View Post
    What do you think we should do in cases like this where legally we can't go into the country to pursue those responsible?
    In cases like this, where the intrusion is a crime and not a threat to national security, there is little we can do other than indict those we figure out are responsible, and then wait to see if they ever transit to a country that would extradite them for a trial. If the crime is the result of a larger State (capital S) sponsored activity, we should consider financial restrictions or a seizure of assets to offset the cost of our own law enforcement and to reimburse those impacted.


    Quote Originally Posted by garhkal View Post
    What should be done to those in countries where we can go?
    We really can't 'go' anywhere without the permission of the host nation. Even then we are usually assisting the host nation in apprehending the folks and then we can accept custody if they wish to transfer them. Again, barring a State action that is designed to critically impact national security, it is a law enforcement issue.


    Quote Originally Posted by garhkal View Post
    What about those who use those illegal sites to buy stolen info from?
    Find where they are hosted, shut them down.

    BT BT

    This is a new and kind of creepy area. What defines a cyber attack that has national defense/security concerns is a pretty specific definition. By an large, this stuff is a criminal issue, and it amounts to theft, albeit the theft of billions of dollars but theft nonetheless. We also have to be very careful where some States have said things to the effect of "attack us non-kinetically and we will respond kinetically."
    The most important six inches on the battlefield is between your ears.

  3. #3
    Senior Member Absinthe Anecdote's Avatar
    Join Date
    Mar 2012
    Location
    Baltimore
    Posts
    3,669
    Mentioned
    14 Post(s)
    Quote Originally Posted by Stalwart View Post
    In cases like this, where the intrusion is a crime and not a threat to national security, there is little we can do other than indict those we figure out are responsible, and then wait to see if they ever transit to a country that would extradite them for a trial. If the crime is the result of a larger State (capital S) sponsored activity, we should consider financial restrictions or a seizure of assets to offset the cost of our own law enforcement and to reimburse those impacted.




    We really can't 'go' anywhere without the permission of the host nation. Even then we are usually assisting the host nation in apprehending the folks and then we can accept custody if they wish to transfer them. Again, barring a State action that is designed to critically impact national security, it is a law enforcement issue.




    Find where they are hosted, shut them down.

    BT BT

    This is a new and kind of creepy area. What defines a cyber attack that has national defense/security concerns is a pretty specific definition. By an large, this stuff is a criminal issue, and it amounts to theft, albeit the theft of billions of dollars but theft nonetheless. We also have to be very careful where some States have said things to the effect of "attack us non-kinetically and we will respond kinetically."
    The FBI has a pretty good Cyber Crimes Division, and they do work with foreign governments to prosecute hackers world-wide. Sometimes relations with countries like China and Russia are tricky, but there is some level of cooperation going on.

    As far as threats to national security, and banking crimes. The Banking sector is considered part of the critical infrastructure of the United States, so when banks and credit card providers are hit, it gets plenty of attention. But you are right about it being primarily a law enforcement matter when it is determined to be non-state actors. Still, cyber is one of those fields were there are overlapping concerns.

    Some of the rationale behind creating DHS was to unify the different federal agencies with pieces of the mission for securing the homeland. While I often have to try hard to find good things to say about DHS, my time spent there as a contractor allowed me to see a good amount of cooperation between the private sector and the federal government.

    In the case of Home Depot getting hacked, I'm sure the the cyber guys from the credit card companies and the banking industry have done forensics on the Home Depot intrusion, and forwarded their findings to the appropriate law enforcement agencies. If it traces to a foreign location, that would be the FBI. Besides, even if it turn out to be domestic, the FBI would be involved.

    For banking, there is an industry-wide cyber security effort that works closely with federal authorities on a daily basis.
    Last edited by Absinthe Anecdote; 09-21-2014 at 11:09 PM.
    All behold that fancy strutting peacock, the bake sale diva...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •