August 18, 2011, 5:07 PM — What if you had Lojack or PC Phone Home for private data?
Private data on public sites has the same problem as a tourist carrying cash: it's convenient for the owner, but even more so for a thief. Once it's stolen, there's no practical way to track it back to the culprit, let alone make it self-destruct so whoever stole it can't get any use out of it.
Attention and activity around digital security from business, media and government are growing so quickly that the field is becoming what Oquendo called a "Cybersecurity Industrial Complex." Despite that, very little information has become public that could identify the attackers in the Shady Rat report, the Sony attacks or any other major digital assaults.
The most common information is the "source" IP addresses from which the attacks are supposed to have originated.
U.S. military cybersecurity groups have frequently attributed long-term, sophisticated attacks to specific cyberwarfare groups in China, as have reports that combine IP addresses and common-sense reasoning to convict China on the basis of what may be falsified or misunderstood circumstantial evidence.
Saying an attack on the UN came from a group of IP addresses within China and that much of the data taken reflected China's interest in internal Taiwanese politics sounds convincing as a sound bite, but wouldn't stand up under cross-examination in a U.S. courtroom.
IP addresses not only can be spoofed; they have to be, by anyone hoping for more than a one-attack career. Spoofed IPs, remotely controlled zombies rented from botnets, commercial or free proxies, proxies that are free because their owners don't know they're participating in cyberwarfare, and a dozen other techniques can hide the source of an attack behind one wall of fakery after another.
The South China Morning Post reported China suffered 500,000 cyberattacks during 2010, Oquendo writes.
source: Honeynet Project