As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his methods.
Vigilante hacker attacks foreign nation internet infrastructure on behalf of the U.S. without the U.S.'s consent and wants to encourage the U.S. to perform more similar cyber attacks, but witout the approval of the chain of command, without thinking of the repercussions on international relations.
I don't know, but this doesn't sond likea good idea.
It sounds like a Hollywood movie. "Hacker tattoos"? Single person took on an entire country? I dunno, something about this is off, like it's too juicy of a story for Wired to scrutinize it properly and there's really more (or less) to the story.
Yeah, especially since the NSA or FBI or CIA has never accepted the dude's methods. And he's the only one giving his own testimoy about all of this. It's weird.
Something tells me the last thing the world needs from a cybersecurity standpoint is a leaner, meaner Pentagon that can launch cyberattacks faster than they can assess the likely impact
In the article it states the average lead time for a Pentagon-organized cyberattack is six months.
The main point of the article is that this guy is basically trying to push the Pentagon to be more like him, a guy who took personal offense when a North Korean hacker tried to drive-by hack him then took the entire country offline without first considering whether or not they might retaliate against an actual lone wolf attacker, or whether this is a rational response as an individual to the existence of organized nation-state attackers.
Basically, he's lucky the Pentagon took an interest in him. The article points out that the officials he shared his attack with were well aware the main reason they couldn't do something similar is literally just bureaucracy. He's not offering anything new on a technical level, he just wants the Pentagon to shoot from the hip more often and worry less about the consequences of their actions.
TBH, probably everybody in the world would prefer the slower, less aggressive Pentagon we have now rather than one that goes around picking fights with every nation-state and group that pisses it off for like, any reason.
DPRK has a reputation for using assassination and kidnapping on foreign soil. It’s probably not as bad as taking on a Mexican drug cartel, organized crime, or Donald Trump, but it’s still something I’d probably want to keep on the DL.
Nowhere did I imply that the DPRK’s practices justify the attack - that’s left to individuals to think about for themselves. I was saying that their tendency to engage in covert ops against individuals outside of their own borders means that, if I were the hacker, I wouldn’t want my name publicly known. The same goes for the US - even more so. I would expect that someone who managed to disable significant parts of the US internet infrastructure not to then immediately publish their identity.