165 points by 2bluesc 6 hours ago | 20 comments
jacquesm 46 minutes ago
I'm trying to imagine the kind of response the USA would inflict on a company that wiped a girls school stateside.
haritha-j 37 minutes ago
They'd probably go all in, kill the leader of the nation, kill some of the successors in line, bomb the daylights out of a bunch of civilian sites, wipe out a girls school, sink a few ships... oh wait.
myth_drannon 28 minutes ago
USA is fortunate to have the power to respond. 9/11, Pearl Harbor are examples. When Iran blew up a Jewish community center in Buenos Aires on the other hand... It took 32 years to arrange a meeting with G-d for those who are responsible.
inglor_cz 17 minutes ago
And some of the perps of the terror attack on Munich Olympic Games escaped retribution completely.
Banditoz 5 hours ago
Does InTune have some sort of check that goes "if over 1% of devices are wiped within a certain timeframe, stop all new device wipe requests"? Seems like it should be a feature, especially if these kinda attacks pick up.
andmarios 1 hour ago
This raises the question: Are mass layoffs less frequent than a company's MS administrator account getting hacked?
heraldgeezer 1 hour ago
Everything is obvious in hindsight

And to be clear, SCCM and Intune is a gun.

MS will not stop you from blowing your foot off with the gun.

Remember https://www.itprotoday.com/windows-7/aggressive-configmgr-ba... ?

>During TechEd 2014, Emory University's IT department prepared and deployed Windows 7 upgrades to the campuses computers. If you've worked with ConfigMgr at all, you know that there are checks-and-balances that can be employed to ensure that only specifically targeted systems will receive an OS upgrade. In Emory University's case, the check-and-balance method failed and instead of delivering the upgrade to applicable computers, delivered Windows 7 to ALL computers including laptops, desktops, and even servers.

spwa4 1 hour ago
That ANY kind of config change should be rate-limited has been pretty obvious and hammered on in SRE manuals for at least 10 years.
heraldgeezer 1 hour ago
And who sets the limits? MS? What if a company WANTS to wipe their entire fleet?
mmsc 58 minutes ago
Require dual sign off
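
The safeguard proposed in this sub-thread (stop new wipe requests once more than 1% of devices have been wiped within a time window, with dual sign-off to lift the block), sketched as an added example that is not part of any comment and is not Intune functionality. `WipeGuard`, its parameters, the admin names and the time-limited override are hypothetical.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class WipeGuard:
    """Hypothetical circuit breaker placed in front of an MDM wipe action."""
    fleet_size: int
    admins: frozenset                 # accounts allowed to sign an override
    max_fraction: float = 0.01        # 1% of the fleet per window
    window_s: int = 3600              # sliding window length, in seconds
    override_ttl_s: int = 3600        # how long a signed override lasts
    _recent: deque = field(default_factory=deque)  # times of allowed wipes
    _tripped: bool = False
    _override_until: float = 0.0

    @property
    def limit(self) -> int:
        # Always permit at least one wipe so a single lost device can be handled.
        return max(1, int(self.fleet_size * self.max_fraction))

    def _expire(self, now: float) -> None:
        # Drop wipes that have aged out of the sliding window.
        while self._recent and self._recent[0] <= now - self.window_s:
            self._recent.popleft()

    def sign_override(self, requester: str, approver: str, now: float) -> None:
        """Dual sign-off: two different known admins lift the block for a while."""
        if requester == approver:
            raise PermissionError("requester cannot approve their own override")
        if not {requester, approver} <= self.admins:
            raise PermissionError("both signers must be known admins")
        self._override_until = now + self.override_ttl_s
        self._tripped = False

    def request_wipe(self, now: float) -> str:
        self._expire(now)
        if now < self._override_until:
            self._recent.append(now)          # still counted once override ends
            return "allowed-override"
        if self._tripped:
            return "blocked"                  # latched until humans sign off
        if len(self._recent) >= self.limit:
            self._tripped = True              # one compromised admin stops here
            return "blocked"
        self._recent.append(now)
        return "allowed"


def replay(guard: WipeGuard, timestamps) -> list:
    """Feed a sequence of wipe-request times through the guard."""
    return [guard.request_wipe(t) for t in timestamps]


if __name__ == "__main__":
    # Constructed scenario: 1000 devices, a burst of 11 wipe requests.
    guard = WipeGuard(fleet_size=1000, admins=frozenset({"alice", "bob"}))
    print(replay(guard, range(11)))
```

The breaker latches: once tripped it stays blocked even after the window has emptied, so a single stolen admin session cannot simply wait it out.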
jiggawatts 22 minutes ago
"Call support so they can turn off the safeties for an hour."
JonChesterfield 5 hours ago
So gain access to a machine that can ask microsoft intune to eviscerate the company, ask it to do so, done. Bit of a shame all the machines had that installed really. Reminds me of crowdstrike.
shiroiuma 3 hours ago
The company should have known better than to trust their IT infrastructure to Microslop. This is their own fault.
Xylakant 3 hours ago
My 95% bet is that the attacker just gained access to an account with suitable privileges and then went on to use existing automation. The fact that it’s intune is largely irrelevant - I’m not aware of any safeguards that any provider would implement.

So the options here are MDM or no MDM and that’s a hard choice. No MDM means that you have to trust all people to get things as basic as FDE or a sane password policy right. No option to wipe or lock lost devices. No option to unlock devices where people forgot their password. Using an MDM means having a privileged attack vector into all machines.

neo_doom 42 minutes ago
No MDM just isn’t an option for most enterprises but ideally the keys to the kingdom are properly secured.
heraldgeezer 1 hour ago
What alternative to Intune and, hell, the entire Office 365 suite that it is in, do you have?

Gsuite + Slack I guess. lmao. As if that is better.

Looking forward to your reply.

JonChesterfield 47 minutes ago
Well, all the machines in the current outfit are Linux as far as I know. Services are self hosted. Seems to be fine, teams et al run adequately in a browser for talking to people on other stacks.

Previous place had a corporate controlled windows laptop that made a very poor thin client for accessing dev machines. One before that had a somewhat centrally managed macbook that made a very poor thin client for accessing dev machines.

You don't have to soul bond to Microsoft to get things done.

Ekaros 32 minutes ago
I don't see how Linux would prevent anything if company wants similar controls on their machines. Like tracking update status, forcing updates when needed, potentially wiping entire device when stolen and so on. Fault really is not the OS but the control corporate wants over their devices. And it does make some sense.
heraldgeezer 1 hour ago
>Bit of a shame all the machines had that installed really.

Are you new to Windows sysadmin stuff? Or you have 0 idea whatsoever and you are just vibein?

How else are we supposed to deploy/push programs and settings and in the past over SCCM, an entire OS, if the machines don't have it installed?

This is also how your precious Linux tool Ansible and Puppet works btw.

And MDMs like Mosyle for OSX. They need it installed. Because IT need to keep check on updates and settings and programs. But I suspect you are a rockstar dev and don't need no IT.

Go on, I'll wait.

mmm yeaaah just downvote me instead. Hide the wrongthink. You people need to not be so sure of yourselves.

JonChesterfield 35 minutes ago
An alternative is people install the software they choose to on the machines they're using. Optionally write a list of suggested programs down somewhere.

In that world, there is no central IT team pushing changes to machines and arguing with developers about whether they really need to be able to run a debugger.

I don't know how to keep windows machines alive. It's probably harder.

marijan_div 5 hours ago
Stryker is far more than ambulance gurneys. They’re one of the largest med-tech suppliers, with equipment in operating rooms, ICUs, and surgical departments everywhere.

If a wiper actually hit internal systems, the bigger concern isn’t consumer data but disruption to manufacturing, logistics, and hospital support. That kind of outage could ripple through a lot of hospitals pretty quickly.

0x53 4 hours ago
Never add your personal device to a company's MDM…
mk89 3 hours ago
Never use your personal device for work, you wanted to say, probably.
heraldgeezer 1 hour ago
The only maybe grey area is to only use it as authenticator. But yes even then the company needs to provide this, a cheap phone works.
bingogo 5 hours ago
Medtech firms consistently underinvest in corporate network cybersecurity because almost all their security and compliance spending goes to device safety requirements, not IT hardening. This is exactly the kind of gap wiper attacks target.
FreakLegion 5 hours ago
This was more likely an Intune admin getting phished. Intune has a built-in wipe action: https://learn.microsoft.com/en-us/intune/intune-service/remo....
cobbzilla 5 hours ago
My only knowledge of this company is as a manufacturer of gurneys for ambulances.

I guess they have some sensitive data on our emergency services organizations and their headquarters addresses and accounts payable people, maybe PII on signatories (officers, board members & “important people”) and whatnot.

Anyone know if it would be worse?

serf 5 hours ago
>My only knowledge this company is as a manufacturer of gurneys for ambulances.

they have a tremendous catalog[0].

spend time in a hospital, dental office, rehab, etc and you'll see the logo plastered across everything.

[0]: https://www.stryker.com/us/en/portfolios/medical-surgical-eq...

cobbzilla 5 hours ago
yeah that is a lot of tech, but it’s all B2B- no consumer breach, right?
pastescreenshot 5 hours ago
Probably worse in the boring B2B way, not the consumer-breach way. Stryker is deep in hospital operations, so the immediate risk is supply chain and support disruption rather than leaked patient data. The Krebs post says one hospital system already could not order surgical supplies, and if the Intune remote wipe detail is true, recovering internal devices and admin workflows could take a while even without any medical devices themselves being compromised.
cobbzilla 5 hours ago
so maybe more hospitals shutdown from ransomware attacks coming?
bawolff 3 hours ago
So... did they have backups?

Wipe all data kind of seems like the best kind of cyberattack if you have backups. No data falling into wrong hands, no left behind rootkits, no ransom threats etc

sofixa 2 hours ago
> No data falling into wrong hands, no left behind rootkits, no ransom threats etc

You won't necessarily be able to know that the data hasn't already been exfiltrated and that the backups aren't post-compromise. Or that by restoring the backup you won't get back to the state that allowed them to get in in the first place.

fnord77 3 hours ago
That's a shame, they make impressive products
4gotunameagain 3 hours ago
The shame is that could be entirely avoided, if Israel hadn't extorted(?) Trump into invading Iran.
burnermore 3 hours ago
See, here is what I've observed. I don't expect to change your POVs. Nevertheless...

The issue started when Israel was ready to have recognition from Saudi Arabia on their statehood. This would make Hamas irrelevant. And puts Sunnis (Iran) lesser recognised. Meanwhile Shia's (Saudi) will become the defacto in the Muslim world and half of Muslim world would either tolerate or be OK with Israel. Hamas attack on Israel at Oct 7 stopped that. Hamas has been supported by Iran for a long time. So in the whole Gaza - Israel thing, Iran was backing Hamas. Then they proxied with them by providing assistance. Then they eventually directly got involved.

You need to understand, there was good period of peace between Israel & Palestine until Oct 7.

While I reject US toppling govts around the world, Iran's hand is not clean in this one. But also, US thought this would be as easy as Venezuela and killing Iran's leader will stop this. Interfering in other countries biz have consequences. And in this case, it's true for Iran & US.

coldtea 1 hour ago
>You need to understand, there was good period of peace between Israel & Palestine until Oct 7.

Yes, in the year before Oct 7. alone Israel army had only killed about 40 Palestinian children (34 alone between Jan and Nov 2022).

Not to mention Iran has been a target since 2001: https://www.youtube.com/watch?v=FNt7s_Wed_4 - if not since 1953 (their 1979 changes being a response to the 1950s western intervention that installed a dictatorship), if not since forever:

https://en.wikipedia.org/wiki/Great_Game

ribosometronome 2 hours ago
Sure, if you consider Israel killing several hundred Palestinians each year and having a thousand hostages, sorry, "administrative detainees" indefinitely incarcerated without charge as they continued to colonize Palestinian land peaceful.
docdeek 2 hours ago
Pretty sure you have your Sunni and Shia confused there.
dns_snek 2 hours ago
> You need to understand, there was good period of peace between Israel & Palestine until Oct 7.

What a disgusting and patronizing rewriting of history. This "peace" was enforced by ongoing occupation of Palestine and abuse of the people living there.

yard2010 59 minutes ago
More pragmatic: peace was Palestinians getting to keep their houses standing and israelis not getting butchered by bloodthirsty monsters. Everything else is implementation detail I'd love to discuss.
Erem 2 hours ago
> Sunnis (Iran)…Shia (Saudi)

These are reversed

Hikikomori 2 hours ago
Mowing the lawn and stealing land in the west bank is what you call peace?

Israel even killed Irans negotiators last year when they were getting close to a deal. This situation is engineered, Netanyahu has wanted this for decades.

koshergweilo 1 hour ago
I have no idea why you would assume Israel had to resort to extortion to get Trump to help them bomb Iran. We bombed Venezuela a few weeks ago, no extortion required.

It's far more likely he did it because Hegseth thought it would be more manly or something more ego driven than extortion. More likely it's just another example of flooding the zone to forget about the Epstein files and the stagnating economy

dmos62 20 minutes ago
> flooding the zone

I've often struggled to find a concise way to say "control public narrative by crowding out other headlines". Thank you for sharing the popular term for this [0].

[0] https://en.wikipedia.org/wiki/Flood_the_zone

koshergweilo 7 minutes ago
No problem! It's one of things that when you see it, you start to see it everywhere. The concept also has broad explanatory power: it explains seemingly irrational actions from otherwise shrewd actors such as Elon Musk spending so much on Twitter and a lot of Trump's smaller controversies
potatototoo99 39 minutes ago
Venezuela is in the eastern hemisphere, just like Cuba, and it seems they want to control that entire part of the world. Iran would be of no concern to the US if not for Israel.
koshergweilo 16 minutes ago
> Iran would be of no concern to the US if not for Israel.

This is only true if you completely ignore the Sunni Shia split and our relationship with literally every other country in the Middle East excluding Israel.

Edit: This is evidenced by the fact that when Iran was attacked by The US and Israel, they bombed a bunch of neighboring countries with US bases. None of those countries have alliances with Israel. (Although they are certainly less hostile than other countries in the region)

4gotunameagain 1 hour ago
I am thinking the theories are true because of the much larger negative repercussions of that action.

They are strengthening the regime (US intelligence services were aware of that before the attack and had informed the president), they are destabilizing all their oil producers, they are risking great economic cost..

It only makes sense if indeed they either extorted him, or if he is indeed demented / deranged.

names_are_hard 1 hour ago
Or he's just a manchild who likes doing things that he thinks will make him look strong.
autoexec 40 minutes ago
Picking on someone vastly weaker than you (especially while they're already getting beat up by somebody else) doesn't make you look strong, it mostly just makes you look like an asshole, and probably an asshole who is too scared or too weak to go after somebody who can actually fight back.
koshergweilo 4 minutes ago
> it mostly just makes you look like an asshole

This is true, but only for a certain percentage of the US population. Large swaths of this country think that picking on our weaker neighbors is evidence of our strength

koshergweilo 48 minutes ago
You make it sound as if Trump is some kind of rational actor who would never willingly put his hand on the stove.

Indeed every negative repercussion you have mentioned has already been previously inflicted on us without any extortion required.

> They are strengthening the regime

US action in Venezuela has only strengthened the PSUV's grip on the country.

> they are destabilizing all their oil producers, they are risking great economic cost.

Liberation day. Need I say more?

This administration is quite willing to risk stability and the economy to assuage Trump's ego.

I mean he campaigned on stuff like "the so-called enemy doesn’t respect our country any longer." Blaming "Kamala Harris’ weakness" for this loss of respect. What else shows strength like literally blowing up your adversary?

ChrisArchitect 4 hours ago
Related:

Iran warns U.S. tech firms could become targets as war expands

https://news.ycombinator.com/item?id=47341007

trhway 4 hours ago
Well, time to dust off anti-drone defense systems. Today on NPR they talked that Iran plans to launch drones from ships into California.

https://www.10news.com/news/local-news/authorities-warn-of-p...

Fox News drone expert:

https://nypost.com/2026/03/11/us-news/iran-could-use-drones-...

RobertoG 46 minutes ago
'Drones from ships into California' is just a psy-op for manufacturing consent. This is not our first rodeo. By now, we should know how things work.

It's not in the strategic interest of Iran to do that, and they have been very strategic and rational. It's the Americans who have abandoned rationality. The Iranian goal is very clear: they don't want to sign an agreement and be attacked again in three months or one year.

In order to get that, they want a new security framework in its part of the world. They want Israel to suffer so its population think two times before doing this again. And they want to create enough economic pain to punish the current USA administration, again to teach a lesson.

Go beyond CNN or Fox News, listen to what the Iranians are saying (1).

1- https://www.youtube.com/watch?v=lNZ_nta8NRM

4ggr0 2 hours ago
> Fox News [...] expert [...] nypost.com

surely a New York Post article quoting a Fox News "expert" will be factual, unbiased and not at all an attempt to pour more oil into the fire and manufacture consent to bomb a couple more girl's schools.

botanical 3 hours ago
Sounds like justification for a false flag operation by the US government. How would they transport these massive things and launch them on a different continent? That, or the US is trying to justify that this illegal war is on their doorstep and need to expand their terror.
lewispollard 1 hour ago
The drones Iran are using are actually relatively small, you can fit 5 of them into a medium sized truck and they can launch in-situ, which is how they've been using them in ground operations. Doesn't seem that much of a stretch to put a bunch of them into shipping containers.
vintermann 2 hours ago
"Reichstag fire" attempts are definitively a legitimate concern. But as Ukraine has demonstrated, all you need to get a drone army deep into a country attacking you is a regular shipping container.
SyneRyder 3 hours ago
We never did find out what those drones in New Jersey in 2024 were, did we? One Republican congressman seemed convinced at the time that he'd been informed:

BBC: Mystery New Jersey drones not from Iranian 'mothership' - Pentagon

https://www.bbc.com/news/articles/crrwz91wqd9o

It's certainly a theory / narrative that keeps appearing in the media.

heavyset_go 2 hours ago
They were flying over military installations, if they were anyone else's drones, they would have been shot down like the weather balloons that spook the government from time to time.
drumhead 2 hours ago
They were Palantir apparently.
notenlish 4 hours ago
I feel like that's not realistic, why would they launch drones to California rather than some place like DC or NY. It's a long distance.

I don't even think they'd launch drones to DC either, they seem to be all in on attacking oil infrastructure as well as US bases & defense systems in the Middle East, rather than America.

shiroiuma 3 hours ago
>why would they launch drones to California rather than some place like DC or NY. It's a long distance.

Because they allegedly have a ship already in the Pacific loaded with drones.

DC and NY are way too far from Iran to launch any kind of attack; the only attack they can possibly do is from a ship, and ships can be anyplace where there's deep enough water.

riffraff 4 hours ago
> Iran plans to launch drones from ships into California

That does not make any sense to me. Does Iran have a bunch of ships in the Pacific? Why? How would they even get close enough to the US coast without being noticed at this point?

I'm not saying it's not true, I just don't understand.

bawolff 3 hours ago
If they were going to do it, it would probably look a lot like Ukraine's spiderweb attack.

However if they were going/able to do it, they probably wouldn't warn everyone and ruin the element of surprise, they would just do it.

saaaaaam 3 hours ago
I’ve been seeing stuff saying China is a big customer of Iranian oil, so maybe there are oil tankers heading to China from Iran. No idea if that is actually the case though. I wonder if that Flexport shipping map that was shared here recently has any info?
pazimzadeh 3 hours ago
Yeah that makes no sense. only thing I've heard is they have connections to some cartels in South America. Venezuela is gone but I suppose they could hire some local talent and get close enough?

Seems like a really dumb idea right now, unless maybe as a last resort if Trump decides to drop tactical nukes or something

camillomiller 5 hours ago
Seems dire but hardly a supply chain disrupting attack. Stryker is a huge supplier but it's not as if this will debilitate the medical supply chain completely. Seems like the hackers found a door they could kick open easily and then justified the action ex-post.
duskdozer 5 hours ago
If they're a primary regional supplier, it could have a huge impact. It doesn't have to break the entire country to matter.
selcuka 5 hours ago
My understanding is that the aim was not to disrupt the supply chain but to harm the company itself.
shevy-java 3 hours ago
So their own faulty security is now blamed on others. That's not new.
renewiltord 3 hours ago
They’ve been around for a while. Threat actors are something that I want our governments to be working on stopping. If they were capable, I would say we should run a government Project Zero but I doubt anyone would do long term service for $70k/yr when they could be making 10x-100x that.

Anyway, the bombings will have to continue till we rubble our enemies.

jonstewart 3 hours ago
We had a government agency working on stopping threat actors, the Cybersecurity & Infrastructure Security Agency, but then DOGE ruined it. Now it’s a shell.
renewiltord 3 hours ago
So the role they were fulfilling is gone entirely? What was it?
bitwize 4 hours ago
The "Fucking for Virginity" approach to infosec strikes again!
LPisGood 4 hours ago
Can you elaborate what you mean?

Are you referring to a paradigm where people make their systems less secure in the effort to make them more secure?

bitwize 3 hours ago
Yes, exactly. In the realpolitik of organizational IT security, there's less of an emphasis on making systems more resilient to attack, much more of an emphasis on having an audit trail, so that in case the company is sued over a data breach they can claim "we did the very best that could be reasonably expected of us with the knowledge we had at the time" and provide receipts to back up that claim. Implicit in that claim is also "we used the same tools that everyone else is using so you can't blame us specially for unwittingly choosing something vulnerable to compromise". Hence the proliferation of shitty single-point-of-failure "endpoint security" software that leads to events like the 2024 Clownstrike incident.
jojobas 3 hours ago
I think this refers to "bombing for peace". Sure the West should have just let Iran nuke whoever it wanted.
vkou 3 hours ago
Nuclear weapons are a MAD red line that will result in total annihilation of the attacker. They are only useful in a defensive capacity.

This kind of aggression, however, does seem to make their value as a deterrent clear.

Observe how nobody is fucking with North Korea like they did with Iraq or Venezuela.

sofixa 2 hours ago
> Nuclear weapons are a MAD red line that will result in total annihilation of the attacker. They are only useful in a defensive capacity.

Also in a "if I'm going down, everyone else is going down with me", which is Iran's strategy in this war (for good reasons). If the IRGC had nukes, and was severely threatened (like, killing the Supreme Leader and threatening to kill all of the replacements until they bend to the US/Israel will), they might have decided to go out "with style".

haritha-j 32 minutes ago
Yes, but the whole point of having nukes as a deterrent is that the US wouldn't have arbitrarily killed their leader in the first place. "If I'm going down, everyone else is going down" is the feature, not a bug.

To be clear I don't like the idea of MAD one bit. But this is indeed how it's meant to work.

sail2boat3 1 hour ago
Isn't this exactly what the Samson Option represents?
bitwize 2 hours ago
Nothing geopolitical about it in the sense I intended, except as a reference to the Vietnam-era catchphrase. It's simply a case of "putting spyware on everybody's corporate PC for security is like fucking for virginity".
RobotToaster 3 hours ago
Iran wasn't going to nuke anyone.

They want Islam to dominate the world, that can't happen if there isn't a world left to dominate.

jamesmishra 4 hours ago
Some people on Twitter have jokingly suggested that the Iranians were looking for the maker of the Stryker military vehicle.

https://en.wikipedia.org/wiki/Stryker

Drupon 4 hours ago
Yeah dumbasses regularly post nonsense on Elon's X™
fartfeatures 4 hours ago
I'm pretty sure that is not exclusive to X.
sgc 4 hours ago
They are trying to hurt innocents in retaliation for the US murdering their children. I understand the sentiment, but strongly disagree with acting on it. Ukraine has done a much better (of course not perfect) job of retaliating against military targets in response to Russian war crimes.
Teever 3 hours ago
That’s not the motivation for these attacks at all. They’re waging asymmetric warfare against a much larger and more exposed opponent.

Their goal is to make it too troublesome for the US/Israel to continue attacking them, like a swarm of bees attacking a bear to keep it away from their honey.

Iran is in it to win it and the US is so very obviously not.

The question is if the pressure that Israel can put on the current administration is greater than the pressure that Iran can put on America as a whole.

Time will tell.

vkou 3 hours ago
I'm sure that if Iran had the backing of the Western world, and had their surplus of armaments funneled its way, it would be bombing army bases and refineries and airfields and factories and port facilities in the US.

Unlike Ukraine, it does not, so it seems to be focusing on cyber vandalism and blowing up oil infrastructure in US vassal states, and other low-cost, high-ROI activities.