[HN Gopher] CrimeOps: The Operational Art of Cyber Crime ___________________________________________________________________ CrimeOps: The Operational Art of Cyber Crime Author : tjomk Score : 47 points Date : 2020-10-13 08:02 UTC (14 hours ago) (HTM) web link (sec.okta.com) (TXT) w3m dump (sec.okta.com) | DarkContinent wrote: | Out of curiosity: if FIN7 was using JIRA's cloud version, can | Atlassian be held responsible for FIN7's activities (or in | general for ensuring compliance on their platform)? | jkaptur wrote: | JIRA! I suppose that's why they call it "organized crime". | goatinaboat wrote: | Hopefully JIRA can be placed on a list of banned software now. | bserge wrote: | I don't understand how they can keep people in line. It takes | _one_ to talk, and the whole organization is at risk. | | Online "reputation management" is easy work, it's a very grey | area, and it would take a lot of investigation to reveal that | someone has actually been targeted and attacked. | | But take medication sellers, the covers are great, but it only | takes one customer to brag about it and then it's a matter of | time until you're done. Anything said online will come under the | review of authorities sooner or later. | | If we are do delve deeper, real world hits are even riskier. And | they don't pay enough! Sure, I guess the people at the top of | these organizations make serious dough, but the ones doing the | work are paid peanuts. | | I guess it takes a special kind of person to do that, someone | with a death wish, nothing to lose, and probably a massive hate | boner for something. | | I've always been fascinated by the criminal "underworld", even | though I would never participate in anything, too much risk for | too little reward. | dylan604 wrote: | It's only too much risk if you live in a country that | investigates, arrests, and prosecutes the cyber criminal. If | you live in a country that does not, there's no risk. | ldayley wrote: | Fascinating take on a different, darker side of tech innovation. | Makes complete sense that criminal gangs use the same agile | approaches to innovation that a start-up would use. Of course | this is thegruqg writing here, so I expected nothing less. It | somehow makes criminal activity seem so much more mundane when I | imagine guys at desks writing code against support tickets and | user stories. | | Meta: It's nice to see an opsec company get smart and publish | some of the better thinkers/communicators (like thegrugq) over | writing product-tailored in-house content. Maybe security is an | easier field to do this for, as being scared (justifiably or | otherwise) is generally good for business. | | EDIT: expanded comment ___________________________________________________________________ (page generated 2020-10-13 23:00 UTC)