For the non tech savvy... it's VERY easy to set up a computer or server in another country whether it be a physical machine or a cloud hosted virtual server, then conduct hacks from that server by remote control over a secure encrypted tunnel. Don't take it for granted when an article claims Russia (or anyone else) is the origin of a hack as it will be VERY difficult to find out who or where the hackers actually are. i.e. Chinese hackers could easily conduct their hacking attempts from a server hosted in Russia (or anywhere else). Intel agents in the US would only see the network traffic origin of the server, NOT the location of the hackers in control.
Comments (4)
sorted by:
Once the server is identified, chasing down that server's owner is a relatively straightforward process, then chasing down VPN connected devices from that device through the virtual firewall is time consuming but doable.
Chasing down a server owner is NOT easy if they've used false IDs to rent host servers (which is what hackers do). You think hackers submit their own contact details? Server owner: Mr Chan, 501 Hacker Street, CHINA. :D I've hosted servers using non of my own personal info. They dont care as long as the bills are paid. And how are you going to track down encrypted tunnels when they can be connected over multiple hops? If the hacker suspects he's been seen they just kill connection and connect via another. They also use bot-nets with no single endpoint . Hacking - Lesson 1: How to hide your tracks. ;)
My Network Security Architect who called me in the middle of the night to check hotfix and patching on my SolarWinds servers says differently.
Justsayin'
Not saying he's wrong. If a kid in a basement with his moms credit card was hacking then maybe so. When pro hackers hack they don't get caught. History is proof of that :)