This is also known as biting the hand that feeds you. Pegasus has been in the 'wild' for a few years now, and from what I hear, being widely used by a 'number' of players.
This is the problem with trust groups that are not purely based on individual relationships. Problem is you need these institutional trust groups too. But you can never have the same level of trust with an institution because institutions are big and the people in positions change.
The only way to stop this is to make the cost of insecurity excessively painful that no one ever thinks of doing the same again. Cutting all of Columbia off from SWIFT for a week and blocking all governmental access until a new president is sworn in might do it.
The EU could take action on SWIFT, but the crime isn’t egregious enough for that. Hell, the EU only took action against Russian banks in SWIFT after a full-scale invasion. Now, suspending them from Egmont? That’s more likely. But again, was he offense egregious enough? T
The point of the over reaction is to stop it from happening again. If the president of Columbia can get away with only a slap on the wrist then some other pol somewhere else will do something worse. The fact that large groups fail to enforce these kinds of normes leads to the group failing because, as you note, no one will feel comfortable sharing sensitive data in the future
I am in a trust group that expelled someone for a year for inadvertently leaking stuff (manager got a CC of email (while he was on vacation, IIRC) and manager then did a bunch of stupid stuff that ended up spreading that info all over the tech press). The point was not just to punish that individual but to remind the rest of us to make sure we knew who could read our emails.
This is also known as biting the hand that feeds you. Pegasus has been in the 'wild' for a few years now, and from what I hear, being widely used by a 'number' of players.
Mostly bad ones. Yep.
This is the problem with trust groups that are not purely based on individual relationships. Problem is you need these institutional trust groups too. But you can never have the same level of trust with an institution because institutions are big and the people in positions change.
The only way to stop this is to make the cost of insecurity excessively painful that no one ever thinks of doing the same again. Cutting all of Columbia off from SWIFT for a week and blocking all governmental access until a new president is sworn in might do it.
The EU could take action on SWIFT, but the crime isn’t egregious enough for that. Hell, the EU only took action against Russian banks in SWIFT after a full-scale invasion. Now, suspending them from Egmont? That’s more likely. But again, was he offense egregious enough? T
The point of the over reaction is to stop it from happening again. If the president of Columbia can get away with only a slap on the wrist then some other pol somewhere else will do something worse. The fact that large groups fail to enforce these kinds of normes leads to the group failing because, as you note, no one will feel comfortable sharing sensitive data in the future
I am in a trust group that expelled someone for a year for inadvertently leaking stuff (manager got a CC of email (while he was on vacation, IIRC) and manager then did a bunch of stupid stuff that ended up spreading that info all over the tech press). The point was not just to punish that individual but to remind the rest of us to make sure we knew who could read our emails.