Every day I take a quick glance at my tools I can see evidence of the constant attempts to gain illegal access to my company’s computer networks. Each day there are 10s of thousands of probes from thousands of IP address.
To the best of my knowledge my company doesn’t do this sort of thing but people on my team sometimes talk about it and wonder if we should do it:
So far, the company said its Digital Crimes Unit, through 24 lawsuits—five of which were against nation-state actors—had taken down more than 10,000 malicious websites used by cybercriminals and almost 600 used by nation-state actors, and had blocked the registration of 600,000 more.
It’s very resource intensive to push these things through the legal system. Resources that could be used to harden and/or detect and remediate breaches. There are no easy answers and I don’t fault management for the decisions they have made.
I just know that, for me, as long as there are evil people out there, it means I will have job security.