Quote:
Originally Posted by sexobon
That's why I'm suggesting the primary reason for the attack may have been reconnaissance rather than disruption.
|
Reconnaissance makes more sense. It is harder to detect. Disruption would cause investigations that might discover the malware.
Disruptions must target the few parts that are difficult to obtain or manufacturer. Malware is unlikely to properly target such parts.
Consider how easy it can be accomplished. Take your own computer. The NIC or 'USB to ethernet' adaptor can contain malware that anti-virus software would never detect. Malware could be triggered when needed. Nobody would know it exists before hand. And no anti-virus software would find it before being triggered.