"Hacking" these days - purpose?
rsk at gsp.org
Mon Dec 14 15:41:44 UTC 2020
On Mon, Dec 14, 2020 at 09:58:01AM -0500, Tom Beecher wrote:
> Questionable cloud / VPS / hosting companies are great for spammers and
> botnet C&C, but not so great for DDoS "ion cannons". You still need a large
> volume of geographically diverse endpoints for those to be effective.
To piggyback on this: when launching a DDoS, diversity along multiple
axes is helpful: geography, topology, connectivity, operating system, etc.
Each additional form of diversity slightly raises the bar for defenders.
Also, every compromised device may be a source of useful/saleable data,
or the gateway to more of the same or to more valuable targets or to the
compromise of people. The IoT is particularly fertile ground for this
because to a very good first approximation, "IoT security" is an oxymoron.
More information about the NANOG