Re: The origin of breakin attempts



On Sun, 21 May 2006, in the Usenet newsgroup comp.security.misc, in article
<barmar-76A15D.02491921052006@xxxxxxxxxxxxxxxxxxxxxxxx>, Barry Margolin wrote:

> ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:
>
>> How do you explain the disaster when Korea decided to put broadband into
>> every school, and then left the systems in unpatched, wide open states
>> that got exploited by every spammer in the world, and every skript kiddie
>> running his 'ph34r-/\/\3' tool-kit?
>
> I don't explain it because I was totally unaware of it. I'm not
> disputing it, I just haven't followed the details of far eastern
> technology transfer that closely.

If you ranked the apparent sources of spam, cracking attempts, and
spam support (web servers, drop boxes, etc.), Korea was pretty bad
for a while. Korea has a lot of bandwidth - it was unsecured, and it
was massively exploited.

> But I guess the crux of the question is: are the attacks originating in
> the far east, or are the attackers over here and they're exploiting lots
> of vulnerable computers over there because the Chinese, Koreans, etc.
> don't know how to protect themselves from becoming zombies?

My point up-thread. "Follow the money". The spam from "over there" is rarely
from there. Relatively few "over here" are able to read the native text
(most often even lacking the character set support). While the cost of
delivering the message is minimal, spewing to a 1e-5 chance of a sale
makes more sense than spewing to a 1e-9 chance. Even though the cost is
minimal, it's not zero.

Old guy