b...@theworld.com <b...@theworld.com>: > > On October 28, 2016 at 22:27 l...@satchell.net (Stephen Satchell) wrote: > > On 10/28/2016 10:14 PM, b...@theworld.com wrote: > > > Thus far the goal just seems to be mayhem. > > > > Thus far, the goal on the part of the botnet opearators is to make > > money. The goal of the CUSTOMERS of the botnet operators? Who knows? > > You're speaking in general terms, right? We don't know much anything > about the perpetrators of these recent Krebs and Dyn attacks such as > whether there was any DDoS for hire involved.
We can deduce a lot from what didn't happen. You don't build or hire a botnet on Mirai's scale with pocket change. And the M.O. doesn't fit a criminal organization - no ransom demand, no attempt to steal data. That means the motive was prep for terrorism or cyberwar by a state-level actor. Bruce Schneier is right and is only saying what everybody else on the InfoSec side I've spoken with is thinking - the People's Liberation Army is the top suspect, with the Russian FSB operating through proxies in Bulgaria or Romania as a fairly distant second. Me, I think this fits the profile of a PLA probing attack perfectly. -- <a href="http://www.catb.org/~esr/">Eric S. Raymond</a>