I think you’re coming at it the wrong way. It’s not going to be one, or a couple of dudes behind a screen like in the movies. It’s ran autonomously for as long as possible. Gathering information on easily accessible devices and the like. Any information gathered is information that can be sold, or used otherwise depending on what they’re grabbing. -- Ryland From: Peter E.Fry<mailto:pfry@tailbone.net> Sent: Monday, December 14, 2020 8:55 AM To: nanog@nanog.org<mailto:nanog@nanog.org> Subject: "Hacking" these days - purpose? Simple question: What's the purpose of obtaining illicit access to random devices on the Internet these days, considering that a large majority of attacks are now launched from cheap, readily available and poorly managed/overseen "cloud" services? Finding anything worthwhile to steal on random machines on the Internet seems unlikely, as does obtaining access superior (in e.g. location, bandwidth, anonymity, etc.) to the service from which the attack was launched. I was thinking about this the other day as I was poking at my firewall, and hopped onto the archives (here and elsewhere) to see if I could find any discussion. I found a few mentions (e.g. "Microsoft is hacking my Asterisk???"), but I didn't catch any mention of purpose. Am I missing something obvious (either a purpose or a discussion of such)? Have I lost my mind entirely? (Can't hurt to check, as I'd likely be the last to know.) Peter E. Fry