>including just paying some grunt money to stick a usb device into it.
That's trading a problem for another, which is sometimes the thing to do
One witness is already too much
Yes, but by then the damage could be done.
"Listen, Gary? That's your name right? Let's make it short; you work as security staff at companyX, and you can be seen introducing that USB key on the surveillance video footage, right fucking there... That USB key, which we know now, was the attack vector on companyX's computers, and servers. Where 10 billions worth of data were stolen and damaged last week... So. Gary. The good news is that I can help you. But I can only help you if you help me. The bad news is that if I can't help you, as things stand out, you'll end up charged with a long list of computer crimes and you aren't going to get anything under 30 years in a federal prison. That is, unless, you help us out find who gave you that key.... So. Gary.... Who gave you the key?"
That's the thing, Gary doesn't know, it's just some dude he met in a bar that gave him $1000 and a USB key. Gary takes the fall and the bad guy gets the data.
That's the thing about OPSEC, you have to treat every avenue as a credible threat because it is.
(post is archived)