Was the Triton Malware Attack Russian in Origin?
The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia.
I don’t know. FireEye likes to attribute all sorts of things to Russia, but the evidence here looks pretty good.
echo • October 31, 2018 12:59 PM
I’m sceptical of attribution but at the same time undecided/maybe. I read about this a while ago. Re-reading it the only question I have besides motive is could this kind of thing be manufactured from available data on black hat sites and/or black hat activity.
The only other question I haveis why is always Russians (and sometimes Chinese) who get caught?
Actually, another question I suppose is assuming attribution is accurate are there reasons why people are driven to this kind of activity and others are not?
as per the article I read elsewhere Russia is playing a delicate balancing game of forces and it would be odd to risk this. The other issue is the oil production war between Russia and Saudi Arabia with the Russians essentially saying the won’t blink if Saudi Arabia attempts to control the market at Russias expense. If I recall this was not a battle Saudi Arabia won?
I’m not expert enough to have a view and wouldn’t want to look an idiot by trying.