
Who infiltrated GOV.AF? - Chinese Hackers or US Hackers?

2014-12-23

By: Muhammad Zubair Warsaji

Attribution of a cyber attack is a real challenge, because it is not difficult to hide the source of the attack before launching a cyber exercise. According to Reuters, ThreatConnect is also not 100% sure that the Chinese are the source of the cyber attacks on GOV.AF. The Reuters report does raise a lot of questions. Three of them are:


1. Who gave permission to ThreatConnect to perform an aggressive penetration test on the Afghanistan National Data Center (ANDC)?

2. Why did ThreatConnect perform a pentest on ANDC on December 16th, the same day that Chinese Prime Minister Li Keqiang visited Kazakhstan to meet with Afghanistan's chief executive officer, Abdullah Abdullah?

3. How did ThreatConnect get access to the CDN access log files and check the source of the attackers who infiltrated the GOV.AF web server?

This could be interpreted in many ways, but either:
1. The log files are accessible by the public,
2. Or ThreatConnect itself hacked into the National Data Center's GOV.AF

Whatever the case is, vulnerabilities still exist on GOV.AF, and its web servers can be scanned without any vulnerability scanning prevention in place.

How to make it harder for hackers to get in?
Roughly....

1. Avoid a tactical approach and adopt strategic measures.

2. Diversity of defense with layered security: every layer must be technologically different from the others.

3. A blue team to provide offensive defense.

4. Simply make hackers' lives difficult.
