this post was submitted on 26 Feb 2024
113 points (96.7% liked)
Technology
59605 readers
3415 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That’s okay! The literature and the international cybersecurity community explicitly disagree with your naive assessment that “billions means we have capabilities” and the total lack of defense for critical infrastructure highlights how all of that is spent poorly. I don’t need to go out of my way to try and convince someone on a government contract doing nothing because neat attacks like the Colonial Pipeline and Pegasus prove my point!
NIST also pushed DES after it was known to have been broken. Granted NIST-800 does actually match industry standards but that’s only because the NSA can’t weaken it without raising eyebrows.
Since you bring up Sandworm, that’s a great example of proving my point. Not the US.
You can’t call Colonial “cherry-picking” and then say that critical infrastructure is a known vulnerability no one can defend. It’s a great example of, once again, my point because Russia has already taken out grids multiple times and we still have no response. If you say the feds got Volt Typhoon I’ll point to plenty of other attacks on US companies they didn’t foil.
Show me the equivalent US attacks on Chinese, North Korean, or Russian targets. Show me the constant prevention of not attacks on government targets but private targets. Show me the diversion of academic resources and constant publication pulled from universities because of its classified nature. Show me a government that pays more than private sector with its pick of the top. Show me a private sector known around the world for its cyber capabilities.