If this hacker group got in, then it’s extremely likely that other state sponsored hacker groups got in too (and they’re not making it public). If you work with highly sensitive information, then you should be responsible and make sure no one is getting in. I’m sorry, but it is how it is. Be glad these people got in now and are bringing it into the public eye. We should be much more responsible with these things and the public should expect AND demand responsibility from every single state institution working with highly sensitive data. I worked in cybersec.
This may be the way now, since in the late aughts / early 2010s large institutions started reporting white hats for cybercrime and suing them rather pay the vulnerability bounty, creating a golden age of black hatring circa 2015 that Russian and Chinese states exploited.
This is what we get for NSA turning into a SIGINT service rather than a COMSEC service. The US State willfully made this bed with pre-infected sheets.
If this hacker group got in, then it’s extremely likely that other state sponsored hacker groups got in too (and they’re not making it public). If you work with highly sensitive information, then you should be responsible and make sure no one is getting in. I’m sorry, but it is how it is. Be glad these people got in now and are bringing it into the public eye. We should be much more responsible with these things and the public should expect AND demand responsibility from every single state institution working with highly sensitive data. I worked in cybersec.
This may be the way now, since in the late aughts / early 2010s large institutions started reporting white hats for cybercrime and suing them rather pay the vulnerability bounty, creating a golden age of black hatring circa 2015 that Russian and Chinese states exploited.
This is what we get for NSA turning into a SIGINT service rather than a COMSEC service. The US State willfully made this bed with pre-infected sheets.