tmoore35at June 10,2017 It is enlightening to see how this being done, and really makes me want to continue my education in order to understand how these attacks are conducted, how they can be prevented, what evidence would be left behind, and how can it be used to identify the hacker.
sbabaat June 11,2017 As the saying goes, you're only as strong as your weakest link. This certainly applies to Government agencies and corporations, both in the US and worldwide. Despite efforts by consumers, companies, and government, it doesn't take much in order to let an APT hacker have access to your system. One careless family member or employee is all the hacker needs. In one of the examples shown in the video, the hacker gained access to a companies system by getting an employee's username and password. possibly because this employee was a little careless with his or her personal information. Or the person may have clicked on a link in an e-mail that he or she shouldn't have. Training and awareness may help make it more difficult for APT hackers, but sometimes people are just inclined to do foolish things no matter how much training they've received.
jstanfo2at June 19,2017 The video steps us through the process of a foreign hacker from Shanghai, China, breaking into a government system to steal files. The hacker wanted to come across as a person living in the United States but had to let his guard down for Google to text him his security code. This problem could be eliminated if the hacker had an intermediary in the USA that could forward the security code from a USA phone number to the Hacker in China. Law Enforcement can track the footprints of the hacker who had to use a foreign phone number more easily than those who can hide their identity with the help of an accomplice.
rparateat June 22,2017 I read few other articles to better understand this video.It's very interesting to see that with only few line of commands any data can be stolen.I read about Mandiant which directly blamed China in cyber espionage in it's report,which was released in 2013.Also APT Hacker did great job though.
gloayzaat July 05,2017 Very interesting to see all the different tools APT1 used to gain access to the victim's files. I wonder if Google can restrict account country generation to a matching country phone number? There are still work arounds but interesting nonetheless. I would like to learn how to perform such an attack considering the intricate methodology of using various tools in certain steps with the need to adjust if you fail the first time.