this post was submitted on 22 Aug 2024
278 points (97.0% liked)
Technology
59674 readers
3142 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I would guess the number one way he was found was internal security systems in each of the hacked systems.
Cybersecurity involves lots of automated systems that "alert" system admins when it comes to strange patterns.
Like... This user is logging in from an unrecognized IP from an unrecognized geo-location during a time the user usually would be asleep. The user in question has never logged into the system from that area or IP, nor do they do it when they're off the clock in the middle of the night. These unusual details would trigger an alert sent to a sysadmins cell phone, and from them they would begin digital forensics to try to pick up the trail of who this was.