
How does somebody exfiltrate 34 TERABYTES from a secure facility without getting noticed?

To misquote Dr. Strangelove, "ze whole point of ze secret hack is lost if you don't keep it a secret." https://youtu.be/2yfXgu37iyI?t=205

Oh, maybe they have a firewall built on a RaspberryPi somebody ordered online.

Seriously, WTF? This is as insecure as having contract sysadmins with root privilege spread all over the globe.

And when will these state actors with unlimited funding figure out that NOBODY can keep secrets forever, not even them?



Man, I got to tell you, there are low standards almost everywhere. I've pulled off multiple (legal) gigs where you'd think "surely X has done Y to stop obvious negative conclusion Z" and no, they did not do Y. They did some dumb B or C and it was trivial to detect and get around and, at best, it took them a month to notice what you did and their new countermeasures aren't up to the challenge either.

This is why I've been so concerned about cybersecurity and cyberwarfare. I do not see gross competence here and most of the people I respect that write about this type of thing are sounding the alarm. Click Here to Kill Everybody or Matt Tait (@pwnallthethings on Twitter) ending an Infiltrate conference talk with a nuclear bomb as the final image.


Absolutely. So now let's consider the source, the role that three letter acronym fulfills, and the strategies and tactics it's known to use.

Put another way: perhaps it's not an accident? And perhaps some of what was leaked was a decoy?

Yes, keeping secrets is difficult. All the more reason to take advantage of that.


>So now let's consider the source, the role that three letter acronym fulfills, and the strategies and tactics it's known to use.

Like leaving data of their secret assets available on Google searches, leading to hundreds of deaths? And firing the employee who warned them of the problem seven years before it was exploited?


I would suggest you research a bit on how intelligence and counter-intelligence actually work; not the Hollywood version.


I have, I was describing the CIA's recent history. Thinking CIA incompetence is some classic subterfuge is more of a Hollywood plot.

https://finance.yahoo.com/news/cias-communications-suffered-...


You'd think at least some of these inept cyberspooks would have read Neal Stephenson's Cryptonomicon. Or Brian Krebs. Or Bruce Schneier.

Or even the news story of how their old boss(!) John Brennan had his AOL(!) email account(!) cracked(!) by a teenager(!) guessing his password(!). The teenager exfiltrated something sensitive, a job application I believe, and was prosecuted for it. Meantimes, the former Director of Central Intelligence gets to keep his reputation.


He did not keep his reputation, at least not among the people who care about that sort of thing.

Source: lived around DC when it happened, had contractor friends complaining out loud about it


What are the tools to help orgs notice exfiltration?


Glossing over 10 years of tens of thousands of people's work, things like Titan Rain (1, 2) led to a lot of thinking about monitoring your production environment with things like the istio sidecar system.

(1) https://en.wikipedia.org/wiki/Netwitness

(2) https://en.wikipedia.org/wiki/Shawn_Carpenter


Preventing any unauthorized USB devices or SD cards is a basic one. Many defense contractors have USB disabled and/or the ports filled with glue.


Firewall alerts about large outbound data flows.
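
The alerting idea in the comment above, sketched as an added example that is not part of the original thread: it sums bytes leaving the internal network per host per day and flags a host only when it exceeds both an absolute floor and a multiple of its own history. The internal range, thresholds, function names and flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import median

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: the org's internal range

# Constructed sample flow records: (day, src_ip, dst_ip, bytes_sent)
FLOWS = [
    ("2024-01-01", "10.0.0.5", "203.0.113.10", 40_000_000),
    ("2024-01-02", "10.0.0.5", "203.0.113.10", 55_000_000),
    ("2024-01-03", "10.0.0.5", "203.0.113.10", 45_000_000),
    ("2024-01-04", "10.0.0.5", "198.51.100.7", 9_000_000_000),  # sudden spike
    ("2024-01-01", "10.0.0.9", "203.0.113.20", 2_000_000_000),  # backup host, always heavy
    ("2024-01-02", "10.0.0.9", "203.0.113.20", 2_100_000_000),
    ("2024-01-03", "10.0.0.9", "203.0.113.20", 1_900_000_000),
    ("2024-01-04", "10.0.0.9", "203.0.113.20", 2_200_000_000),
    ("2024-01-04", "10.0.0.5", "10.0.0.9", 50_000_000_000),     # internal to internal
]

def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def outbound_totals(flows):
    """Sum bytes per host per day, counting only flows that leave the internal range."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        if is_internal(src) and not is_internal(dst):
            totals[src][day] += nbytes
    return totals

def flag_hosts(flows, day, ratio=10, floor=1_000_000_000):
    """Return (host, bytes_today, baseline) for hosts whose outbound volume on
    `day` is at least `floor` and more than `ratio` times their own median over
    earlier days. A host with no history has baseline 0, so the floor decides."""
    alerts = []
    for host, per_day in outbound_totals(flows).items():
        today = per_day.get(day, 0)
        history = [v for d, v in per_day.items() if d < day]  # ISO dates sort as strings
        baseline = median(history) if history else 0
        if today >= floor and today > ratio * baseline:
            alerts.append((host, today, baseline))
    return sorted(alerts)

if __name__ == "__main__":
    for host, today, baseline in flag_hosts(FLOWS, "2024-01-04"):
        print(f"ALERT {host}: {today} bytes out, baseline {baseline}")
```

The per-host baseline is what keeps the routinely heavy backup host quiet while the workstation's spike is flagged; a single global threshold would either miss the spike or alert on the backups every day.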



