News AMD working with law enforcement after reports of massive data breach — hack may have uncovered future product details

[Admin]

Known cybercriminal Intelbroker claims to have breached AMD and got plenty of sensitive information that is now available for sale.

AMD working with law enforcement after reports of massive data breach — hack may have uncovered future product details : Read more

 

[CmdrShepard]

OK gentlemen:

1. Unsecured Amazon s3 bucket
2. Socially engineered user with more privilege than needed to do their day-to-day work
3. Exploited vulnerability in one of the AMD products used in their own data-center
4. Any of the above, but they will blame it on random_choice_from("Russia", "China", "North Korea", "Iran")

Place your bets.

 

[HaninTH]

OK gentlemen:

1. Unsecured Amazon s3 bucket
2. Socially engineered user with more privilege than needed to do their day-to-day work
3. Exploited vulnerability in one of the AMD products used in their own data-center
4. Any of the above, but they will blame it on random_choice_from("Russia", "China", "North Korea", "Iran")

Place your bets.

This is the Standard Operating Procedure these days for any of the 3/4 Lettered departments across any government/corporation.

Most people won't bother to look beyond the headlines or what they're told, so, 60% of the time, it works, every time!

 

[derekullo]

Nobody would suspect Switzerland!

 

[bit_user]

1. Unsecured Amazon s3 bucket

Very unlikely, since the data seems to have been collected from a diverse set of repositories.

4. Any of the above, but they will blame it on random_choice_from("Russia", "China", "North Korea", "Iran")

Dude, the hackers themselves published details of the data they stole. No need to find a scapegoat, when the criminal announces their exploit to the world!

P.S. I have no idea where that hacking group is based. Also, I think there's plenty of blame to go around: companies need to do better at securing their data & networks, but countries also shouldn't knowingly harbor (or even sponsor) hacking groups. The former is no excuse for the latter.

 

[CmdrShepard]

P.S. I have no idea where that hacking group is based. Also, I think there's plenty of blame to go around: companies need to do better at securing their data & networks, but countries also shouldn't knowingly harbor (or even sponsor) hacking groups. The former is no excuse for the latter.

There are rumors they are from Iran, hence my jab with the blaming.

 

[KnightShadey]

P.S. I have no idea where that hacking group is based. Also, I think there's plenty of blame to go around: companies need to do better at securing their data & networks, but countries also shouldn't knowingly harbor (or even sponsor) hacking groups. The former is no excuse for the latter.

While I agree with much of that, realistically state sponsored hacking is a pervasive reality, and the repercussions sofar seems to be stern words at best. So while the sentiment is logical and sensible to most, in this case the benefit to a country like China (or Russia), whose chip industry is actively being stifled by restrictions/sanctions would likely see great benefit from supporting this hack and rewarding the actual hackers if the data was helpful to their future plans (even if the restrictions are more fab focused).

Realistically if it were commercial espionage it would be hard to exploit the information without running afoul of future restrictions (lawsuits, sanctions, import bans, etc), but for states that largely ignores IP & business norms and focuses on local markets, they wouldn't have those concerns, making them prime buyers, even if they didn't initiate the exploits.

Again, not saying they were involved or have supported them, but the obvious benefit is there.

And while 100% the former is no excuse for the later, it's also disappointing when companies use the state/sophisticated actors as excuses for poor security practices (ala Sony).

 

[bit_user]

While I agree with much of that, realistically state sponsored hacking is a pervasive reality, and the repercussions sofar seems to be stern words at best.

...as far as you know. I'm not saying there's active retaliation, but we should keep in mind that there are things said & done out of the public eye.

Payback isn't always in-kind, either. It could be in the form of selling some country more sophisticated weapons or access to spy satellite data... there are lots of options.

 

[KnightShadey]

...as far as you know. I'm not saying there's active retaliation, but we should keep in mind that there are things said & done out of the public eye.

True, we don't know it all. However, based on even sub-surface view of the know exploits vs the US, it seems pretty obviously from the of former intelligence & military personnels' comments, as well as even senate intelligence committee members, that the responses are woefully inadequate and the balance is heavily one-sided.

Most investigations tend to say initial weak response gave the green light for further exploits, and any subsequent efforts don't seem to have slowed the pace.

Again, I'm not saying that was the case here, but the history is do & deny, and the benefit seems obvious even if the fingerprints are someone else's.

As this is all speculation at this point, that is my speculation, of course if anyone has concrete evidence I'm sure AMD and others would appreciate the info/insight.

 

[hotaru251]

NGL...tech companies (and anyone handling sensative data) should start engineering onsite servers that can not connect to unauthorized devices/connections w/o approval from top.

This prevents a lot of risk & should happen can easily narrow down who possibly allowed it.

 

[tamalero]

Very unlikely, since the data seems to have been collected from a diverse set of repositories.


Dude, the hackers themselves published details of the data they stole. No need to find a scapegoat, when the criminal announces their exploit to the world!

P.S. I have no idea where that hacking group is based. Also, I think there's plenty of blame to go around: companies need to do better at securing their data & networks, but countries also shouldn't knowingly harbor (or even sponsor) hacking groups. The former is no excuse for the latter.

might need to re-read.

original poster said the possibility of AMD or any other company using "blame X country" as a classic PR response.
Not that they didn't know who would it be.

It's like in politics, everyone blaming Trump, Biden, Hillary, Russia and Epstein even when things are nothing remotely related to any of them.

 

[bit_user]

might need to re-read.

original poster said the possibility of AMD or any other company using "blame X country" as a classic PR response.

But that makes no sense when the hacker group already announced themselves? Why would the company blame X country?

I think it's usually politicians blaming countries, not companies. For companies, there are real downsides to getting into geopolitics and not much upside.

even when things are nothing remotely related to any of them.

If you want to talk about knee-jerk reactions, that's how the poster I replied to came across. I got the impression that the poster didn't read the article, because the post didn't align with several facts, which I highlighted. It seemed they just exploited this incident/article to air their political opinions, not unlike what you just did.

 

[usertests]

hack may have uncovered future product details

We gonna be eating good this quarter.

 

[bit_user]

We gonna be eating good this quarter.

Depends on whether AMD pays the ransom.

 

[Integr8d]

OK gentlemen:

1. Unsecured Amazon s3 bucket
2. Socially engineered user with more privilege than needed to do their day-to-day work
3. Exploited vulnerability in one of the AMD products used in their own data-center
4. Any of the above, but they will blame it on random_choice_from("Russia", "China", "North Korea", "Iran")

Place your bets.

Smart money’s on Cyrix.

 

[peachpuff]

NGL...tech companies (and anyone handling sensative data) should start engineering onsite servers that can not connect to unauthorized devices/connections w/o approval from top.

This prevents a lot of risk & should happen can easily narrow down who possibly allowed it.

How hard is it to only allow certain ip's to login?

Hey IT admin add my 192.168.0.1 ip so I can login.
IT admin: done

Is convenience really the reason they don't do it?

 

[edzieba]

How hard is it to only allow certain ip's to login?

Hey IT admin add my 192.168.0.1 ip so I can login.
IT admin: done

Is convenience really the reason they don't do it?

That's... not how networking works. At all.

 

[PEnns]

OK gentlemen:


4. Any of the above, but they will blame it on random_choice_from("Russia", "China", "North Korea", "Iran")

Place your bets.

You mean Intel and Nvidia would not also love this information!

But it is very conceivable that the hackers would sell the info to any of the above plus many other companies, big or small, who have even the faintest in GPU technology.

And let's not forget, just because an allegedly unaffiliated hacker group claims it's just them, it doesn't mean they're not being paid by an XYZ entity to do it - to obfuscate the real purpose and the real culprit.

 

[bit_user]

You mean Intel and Nvidia would not also love this information!

But it is very conceivable that the hackers would sell the info to any of the above plus many other companies, big or small, who have even the faintest in GPU technology.

The legal downsides of them having anything to do with this are too great. They've been competing alright without it, so I really don't see why they'd want to touch it with even a 10-foot pole.

 

[CmdrShepard]

You mean Intel and Nvidia would not also love this information!

They wouldn't touch it because it's all patented and copyrighted anyway. It only has worth to people who are looking for flaws and exploits, not to implementers.

 

[PEnns]

There are rumors they are from Iran, hence my jab with the blaming.

The legal downsides of them having anything to do with this are too great. They've been competing alright without it, so I really don't see why they'd want to touch it with even a 10-foot pole.

Nobody is saying they would steal AMD's plans!

But having insight into AMD's current future plans would be very useful insider info to them.

 

[CmdrShepard]

Nobody is saying they would steal AMD's plans!

But having insight into AMD's current future plans would be very useful insider info to them.

They already know each other's plans.

 

[bit_user]

Nobody is saying they would steal AMD's plans!

So, exactly what are you saying?

But having insight into AMD's current future plans would be very useful insider info to them.

Again, the legal liability they would face from having anything to do with it isn't worth any possible advantage they could gain by it.

 

[bit_user]

They wouldn't touch it because it's all patented and copyrighted anyway. It only has worth to people who are looking for flaws and exploits, not to implementers.

I think there's still a lot they could stand to gain from a large & diverse trove of data - details like product BoM and production costs, supplier lists & pricing agreements, detailed product specifications, release schedules, marketing strategies, etc. These would be protected by trade secret, although I think those protections only work as long as the information remains non-public.

They already know each other's plans.

I'm sure they read the published leaks, just like the rest of us. I don't think they know much beyond that, again because the liability of being involved in corporate espionage is so high.

At my job, we have to take annual "ethics" training classes, where one of the things they drill into us is not to seek or use non-public information about a competitor. From what I understand, most big companies have similar programs in place. By "ethics", what they really mean is not to do things that expose the company to liability. Things like bribery, collusion, texting while driving on business trips, unsafe work practices, harassment, etc.

 

[CmdrShepard]

I think there's still a lot they could stand to gain from a large & diverse trove of data - details like product BoM and production costs, supplier lists & pricing agreements, detailed product specifications, release schedules, marketing strategies, etc. These would be protected by trade secret, although I think those protections only work as long as the information remains non-public.


I'm sure they read the published leaks, just like the rest of us. I don't think they know much beyond that, again because the liability of being involved in corporate espionage is so high.

At my job, we have to take annual "ethics" training classes, where one of the things they drill into us is not to seek or use non-public information about a competitor. From what I understand, most big companies have similar programs in place. By "ethics", what they really mean is not to do things that expose the company to liability. Things like bribery, collusion, texting while driving on business trips, unsafe work practices, harassment, etc.

When you are in the same business many things can be inferred by what your competitors are ordering at your mutual suppliers / partners, how much they are paying for it, what new infrastructure they are building out, what patents they have submitted, what permits they applied for, etc. You don't really need to actually spy on them to get this info.