-
A lot of state sponsored activity is outsourced to third parties to create a plausible air gap between the activity and the state in question. The third parties are given a lot of freedom to do things that states couldn't legally do.
And sometimes then get hired by the targets to figure out what happened.
Stonehedge-
johntravolta_pulpfiction.gif
-
Not really.
The people I chat with have a very deep understanding of the countries that they live in, the legal domain, their allegiance. They know that they themselves are known.
They know which side their bread is buttered and none want to spend a long time in the legal system or prison. So no... they don't work for any clear idea of "the other side".
If anything, many of these people are more likely to be the political idealists in our own countries, and so the principles and ethics of countries like Russia, China, etc are very very far from where their head space is at.
Bear in mind some people make bank, most give their time and energy for free - payment isn't the overriding motive here. Just some are very good at knowing their worth is temporarily high.
kboy
Velocio
From direct experience and knowledge of some individuals working on state things... this is very very true.
A lot of state sponsored activity is outsourced to third parties to create a plausible air gap between the activity and the state in question. The third parties are given a lot of freedom to do things that states couldn't legally do.
If I actually met anyone for a beer any time soon I'd share some of this stuff, but it's not for posting on the public internet.
The gist: The gov do not have the best tools, people, skills, abilities here... but they do have deep pockets and the ability to turn the other way... so the people they hire are the infosec people who walk a very very fine line between landing themselves in jail, working at high tech startups, and speaking at defcon.