In an interesting article on Dark Reading, the article discusses the concept that some of the recent hacks against nation states may not be by the people claiming the hack…a false flag in a cyber way. In fact the article cites an instance where those claiming to be from Iran targeted China in which case China hacked back. The article cited Cesar Cerrudo, CTO for IO/Active Labs stating:
Take the hack that took down China’s Baidu search engine in early 2010. A group claiming to be the Iranian Cyber Army said it had downed Baidu, prompting retaliatory hacks by Chinese hackers against Iranian sites. “The Chinese were surprised that Iranians had attacked them,” he says. “After that, the Chinese attacked Iran.”
But it turns out it wasn’t actually Iran behind the Baidu attack, Cerrudo says. “Someone else attacked the Chinese to get them to attack the Iranians. Maybe it was a test or some sort of experiment,” he says.
The article concludes that not all the recent hacks may be from those claiming responsibility, but rather a means to get “hack-back” attacks against designated targets.
It would seem that there is social engineering on a grand scale going on and that this should be no surprise…