canales at January 29, 2016 This video shows what one can do to get access to others' systems and important information. There are a lot of tools out there that help hackers have the success they have, but also show how intelligent these individuals are. When one fails, they just move on to the other. Also, it demonstrates how easy it is for hackers and that they will always find a vulnerability to hack victims.
tcmahony at January 30, 2016 What I think is surprising about this video is that while they registered the email account in the US region, they still used a phone tied to China for verification. I would think that APTs would have a better sense of OPSEC and that using a phone tied to China would give them away. Given the publicity that APT 1 has also received, logging in to the email account from their "home" IP address seems to be an oversight as well. As this report is from a few years ago, I would assume their OPSEC practices improved over time, but it is still very surprising for this type of hacking group.
nick at February 03, 2016 I wonder if dota looks back at this video and thinks, "wow, my OPSEC was incredibly bad." This video is likely captured RDP protocol packets that passed through a monitored hop point. The attacker's operational security (OPSEC) was questionable at best and horrible at worst. The use of single hops, the lack of secure communication protocols such as SFTP, and testing your backdoors from your home network easily exposed the tools, techniques and procedures of the threat actors. It's probably easy to understand why the attackers' OPSEC was so poor, since the APT1 threat group operated with impunity for years and had little fear of retribution. Attackers' complacency, cutting corners and general laziness are often key breaks for investigators when analyzing the activities of threat groups. Unfortunately, increasingly sophisticated actors continue to improve their TTPs and avoid common OPSEC failures. All of which makes them so successful.
nbaker3 at February 04, 2016 Phishing is the biggest issue that my company and my team address. It is amazing how dangerous phishing is, especially to uneducated employees. People do not realize how clicking these malicious emails can affect not just them, but their entire company. We currently are using a PhishMe campaign to try and educate our employees. This is one of the only preventative measures that can be taken in this day and age, as attackers get more and more sophisticated.
mcoates1 at February 07, 2016 I've never hacked into another machine before, but it seems as if with the right tools and persistence, one can easily do it. It's amazing how the person was able to hack into another person's machine and look at all of their emails and steal a lot of the user's files.