
341 points hlandau | 4 comments
abigail95 ◴[] No.37962300[source]
> What would a perfect attacker do?

If you had physical access to the computer, some sort of bus interception to exfiltrate data from the machine.

replies(2): >>37962373 #>>37963714 #
whalesalad ◴[] No.37962373[source]
extremely difficult to get physical access in a datacenter
replies(5): >>37962416 #>>37962421 #>>37962655 #>>37963217 #>>37963509 #
1. jacquesm ◴[] No.37963217[source]
All the people working in the datacenter have that level of physical access.

Unless they are very closely supervised they can do a lot of damage without anybody being the wiser until they get caught. I've been in (nominally very secure) DCs on behalf of customers and I've seen:

- unlocked racks

- doors open

- temporary network cables and keyboards, monitors and mice attached to running systems

- systems logged in left unattended

- floor panels raised up and left open unattended exposing cabling

- meet-me rooms with interfaces exposed (gear in racks without doors)

DC personnel tend to trust each other, and they probably shouldn't. But it's hard to be part of a closely knit crew for a long time without getting into a 'get stuff done' mode where protocol and rules are there in principle but less so in practice because it is seen as an efficiency penalty. It's another instance of the 'normalization of deviation' phenomenon.

replies(1): >>37963645 #
2. manxman ◴[] No.37963645[source]
Agree re: everything you said but wanted to add datacentre security staff are some of the most interesting characters I’ve encountered. Not sure I sleep as well at night after seeing what I saw.
replies(1): >>37964756 #
3. OmarAssadi ◴[] No.37964756[source]
Do tell, please; stories about "interesting characters" are often the best.
replies(1): >>37971886 #
4. jacquesm ◴[] No.37971886{3}[source]
GP may well be under NDA and easy to identify.