Oh wonderful. Replacing all IT because they were hacked? Let me guess, they will use Windows, Exchange, and MS Office again on the new system. The software triumvirate screaming “please hack me”.
Project manager: at least I can blame the vendor
Entirely seriously, yes.
Most project managers I’ve ever met or known or worked with are basically incompetent technically, and very insecure / in denial about that, and thus vastly prefer the ‘safe’ option of someone else being responsible over the ‘risk’ of… hiring actual quality people that can make/support their own quality product.
🤣 should we get a list of foss projects that have had security issues? Or how about how someone slips some shit in upstream every few weeks it seems?
Stop this nonsense. You can hate Microsoft for legitimate reasons.
I mean… For real, I’ve never heard of Linux systems being hacked this way. I’m sure it’s possible, but it certainly seems rarer.
Slipping shit in upstream also certainly doesn’t happen *that* often. It takes effort to become recognised enough as a developer to be allowed access to the upstream code, meaning you can’t automate those kinds of attacks. (I imagine. Correct me if I’m wrong.)
It does happen occasionally, from time to time, but, because everything is gasp open source, it tends to get caught, identified, blocked/quarantined and then fixed considerably more rapidly, with decent fallback instructions/procedures in that interim period.
Like apparently it actually just recently happened with some asshole uploading bs malware libs/sources to the AUR… even still, got caught pretty quickly.
Also, you can basically describe the entire CrowdStrike fiasco as exactly this kind of upstream oopsie doopsie.
Doesn’t really matter in the big picture if it was intentionally malicious or not, when you Y2K 1/4 of the world’s computer systems.
Absolute opposite. The majority of successful attacks you see today are identity management and supply chain attacks. If you walk into any OCIO office, supply chain will be a top 3 concern.
I know of one successful supply chain attack in FOSS.
So still points for using it.
Microsoft is getting hacked every other week.
As well as FoSS projects.
What’s Saint Paul gonna do about it?
Complain to Jesus?
🙄
but at least Abilene was insured against such an attack
Oh, well that’s great. I hope the people, whose identity, medical records, or whatever else was stolen will be compensated accordingly. Would be a shame if the money went into building a new, just as unsafe system.
Not that anyone gives a fuck. At this point the argument is “your data had probably already been stolen somewhere else”…
The national guard here is looking around for men in black masks in front of computers throughout the city. It’s crazy.
What are the chances this took place during working hours in China?
With no ransom demand it’s gotta be a state actor probing defenses and testing responses, right? I think first guesses would be Russia, China, Iran or maybe North Korea.
Had to read the article to realise St. Paul is a city name. 😅
Also, could it be a “the call is coming from inside the house” situation?
I remember pedo party hating this mayor. It was all over lemmy during simpler times.
Isn’t there an upcoming election in St. Paul?
Loving the completely unfounded speculation that it must be ~~Eurasia~~Russia or ~~Eastasia~~China in this thread. Y’all are so deep in propaganda you don’t even know it.
https://en.m.wikipedia.org/wiki/Political_geography_of_Nineteen_Eighty-Four
Would you like to name other likely suspects? It’s not standard criminals, there have been no ransom demands. And they’re unlikely to piss off the govt to this extent. Which leaves state actors. Gee, wonder who it might be.
Literally anyone until proven guilty?
So we can’t guess who’s responsible? Not even the most obvious ones?
https://www.bbc.com/news/articles/c2kgndwwd7lo
https://www.bbc.com/news/articles/ce8vedz4yk7o
https://www.ncsc.gov.uk/news/uk-condemns-chinese-cyber-attacks-against-businesses-governments
https://thesoufancenter.org/intelbrief-2025-january-10/
https://cybermagazine.com/articles/chinas-cyber-espionage-surges-150-says-crowdstrike
Yeah. Definitely propaganda.
You poor thing.
Yes. There are quite a few completely unfounded pieces stating it is Russia or China or North Korea behind thing X with no proof whatsoever.
These do not go to prove your point.
Now, there were some proven cases, but attributing every attack to one of these now without judge and jury is nothing but blatant and bold propaganda.
Did you get lost on the way to Lemmy.ml?
1.5 billion in crypto isn’t something you can spend without attracting attention, of course it was them.
People got so deep into their allegiance games that they cannot comprehend anyone standing for the truth.
Fuck .ml China fappers, and fuck .world Russia-guilty-of-everything fans. You’re equally terrible in enabling atrocities.
As I said, some cases are confirmed, some are wild speculations. And the latter are commonly used in future arguments as confirmations, despite them being mere speculated assumptions.
You can have a barrage of “something-bad” confirmations like these out of thin air, and this is a common propaganda tactic.
Also:
https://www.bbc.com/news/world-us-canada-68659095
https://www.semafor.com/article/07/23/2025/chinese-state-hackers-breach-us-nuclear-agency
https://www.ted.com/talks/laura_galante_how_and_why_russia_hacked_the_us_election
https://cyber-peace.org/wp-content/uploads/2018/11/rpt-apt28.pdf
https://services.google.com/fh/files/misc/rpt-redline-drawn-china-espionage-en.pdf
https://en.wikipedia.org/wiki/Cyberwarfare_and_China
I guess it’s all just propaganda, huh. We’re just a bunch of gullible buffoons.