
Bigger picture, what's the endgame here? It seems a lot of institutions handling sensitive work are considering air-gapping some or all of their networks at this point. Maybe that's even what has to happen.

Is there a means of fending off these attacks on the political front? If this same level of espionage was happening in person, there would be a kinetic response but it seems everyone is happy to just turn the other cheek.

These attacks have a very real impact. Copying others' homework is a tried and true way to get a technological edge, and in practical terms, it means a lot of research and development money is effectively wasted as it doesn't generate any returns.

Mind, I don't think there should be a violent response, but it's odd that even the threat of sanctions isn't made whenever this happens.




> endgame

If you mean the strategy as the end nears, it should be what it should always have been: trust no single product or supplier, implement multiple layers of defence for what is important. Maintain in-house expertise.

If you mean the "Lessons (never) Learned"... Train developers better, build better software through validation and verification, train management to understand technology and risk. Humans become increasingly incompetent as complexity is scaled.

Everyone is doing espionage, no one is going to war because Microsoft has flaws.


I’m curious to hear more about cases of large institutions seriously considering air-gapping. This is the first I’ve got wind of something like that.


Yeah, runs contrary to my perception too. Even things that one would reasonably expect to be air-gapped are online these days.


Air-gapped systems really only make sense for the occasional need to access exceptionally sensitive materials. I.e. private keys for root CAs.

For most businesses, air-gapping would mean we are back in the 20th century of business with filing cabinets and armies of people pushing paper between 2 rooms.


It's not actually that bad. There's a lot of defense, security, and highly proprietary development that happens on isolated networks. You have to put significant effort into IT infrastructure, but you'll end up with all your stuff hosted internally, and most tools support custom package repo mirrors (Linux distros, programming languages/build systems, Docker). You'll also probably have a second system with internet access at your desk, if not nearby, for Stack Overflow et al.

Basically the idea is defense in depth. The valuable stuff (design files, schematics, code, documentation) lives in the air-gapped network while communications live inside a VPN and detailed technical discussion is often discouraged.


Air-gapping is common in some industries, and there are also network diodes: https://en.wikipedia.org/wiki/Unidirectional_network


Keep in mind, there's actual air-gapping, and there's secure enclaves. This specific attack would have no teeth if your Exchange server / OWA endpoint were only accessible from corporate VPN. You don't have to be one of the top-ten biggest corporations to run a global-scale intranet with off-the-shelf VPN servers, and it still greatly reduces your attack surface.


For us, that only makes sense for backups. ...maybe private keys?


Not true, countries accept that they spy on each other. They all do it, it's just that America are the "good guys" and its enemies don't do press conferences on how they got hacked. Also, we already have copyright and patents, so no, you can't copypaste an iPhone.


>Copying others' homework is a tried and true way to get a technological edge

The Soviets were better at spying than the West was, but their being better at copying the West than the West was at copying them didn't seem to help them all that much.


Lots of comments on the security arms race, but I'm curious about the geopolitical end game. What will Russia and China do with this information? Technological advancement is a means to an end. What is the end?


It’s likely that whatever the Chinese or Russians are doing to the US, the US has bigger and better exploits gathering intelligence within adversary networks. Being too aggressive about these would undermine the US position when they are eventually discovered. The US must have some fantastic assets if they are putting up so little fuss about SolarWinds and this attack.


Pure unfounded speculation. The Russians and Chinese have a huge advantage over American intelligence agencies just by the simple fact that there are far more English-speaking Russians/Chinese than there are Russian-speaking Americans. Massive information asymmetry. How many native English speakers speak fluent Russian? Less than a few hundred in the entire world (I'm a Russian academic, I know). How many native Russian speakers speak fluent English? Hundreds of thousands of people. That's the reason why the Russian government is able to run massive projects that directly influence American public opinion through social media. America simply doesn't have that volume of talent and infiltration into foreign societies.

> The US must have some fantastic assets if they are putting up so little fuss about SolarWinds and this attack.

Actually they are putting up so little fuss because they are incompetent and castrated since the last administration.


>How many native English speakers speak fluent Russian? Less than a few hundred in the entire world

I think this is one of the most ridiculous things I've ever read on HN, if not anywhere on the Internet. There are a few hundred native English speakers who are ethnically Russian/Ukrainian who speak fluent Russian in any one small neighborhood in a mid-sized city in the US, and there are dozens of such neighborhoods in the US, and the US is only 5% of the world's population. I personally know about 50 people who meet this description, I was at a Greek Orthodox christening with them last year! Not to mention that you can hire non-native English speakers who can read Russian, not to mention the new world of translation apps.


I'm not talking about ethnic Russians/Ukrainians, I used "native English speakers" as a codeword to refer to "real" Americans, i.e. people who have deep ethnic and historic loyalty to the American cause. You cannot rely on most ethnic Russians/Ukrainians in America to have blind loyalty to an American cause.


There's more than 100 Americans who have been trained in Russian in the Defense Language Institute. Looks like Russian is a 48 week course:

https://www.dliflc.edu/about/languages-at-dliflc/


The number who are actually fluent and culturally embedded is minuscule. I personally know some graduates of this program.


Just the number of native bilingual Russian-English speakers numbers in the thousands at least. Just think of everyone who immigrated to the US after the fall of the USSR.


It's more about impunity. If your previous actions didn't cause any serious reaction, you will continue doing more bad things. Tolerance to bad things is destructive.


> the US has bigger and better exploits

No, I honestly don't think so.


+1 Insightful.

Hardware backdoors most probably.



