PPRuNe Forums - View Single Post - BA hacked but they're 'deeply sorry'
Thread: BA hacked but they're 'deeply sorry'
View Single Post
Old 13th Sep 2018, 02:02
  #69 (permalink)  
kristofera
 
Join Date: Mar 2008
Location: Bangkok
Posts: 49
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by b1lanc
Those pointers can easily be forged. The shear amount of forensic investigation that is involved in determining the source (which can often never be definitively determined) is beyond the scope of one single country or all 'cybersecurity' firms in collaboration. The hosting company may simply have been the first stop in data delivery to unknown parties in unknown countries. Examining the script is also likely non-conclusive. Professionals put inferences in malware to deliberately deceive and obfuscate the originator.
Yes, but IMHO, the first thing they should have done was to secure that VPS and check if it contains any leads to where it was accessed from or where it was forwarding the data to.

Waiting for several days and leaving it up and online doesn't sound like there was much of an investigation in the first place.
kristofera is online now  
Reply