Security Companies Accused of Exaggerating Iran's Cyberthreats Against the US

An anonymous reader writes: A widely-read report accusing Iran of hundreds of thousands of cyberattacks against the U.S. is being criticized as hugely inaccurate as well as motivated by marketing and politics, according to a new whitepaper and critics around the security industry. The original report, solicited by a conservative think tank and published by Norse in the lead up to the RSA Security Conference, hit the front page of the New York Times by calling handshakes and network scans "sophisticated cyberattacks."

Re:Well Duhhhhhh

Worse than that. Exaggeration is most of what the computer security industry consists of. It's filled with s'kiddies bored to tears of the tedium of their existence, calling themselves "hackers" to nicen up the blogposts detailing with loving care all the tiny aspects of something new-ish that lightened up their day.

Hollywood didn't help, nor did journos barely understanding what they were supposed to be reporting on. And now governments got involved, so government money is up for grabs. You wouldn't believe the money available for someone purporting to offer a solution to self-invented "problems" that even merely appear to be related to the latest defense topic, like "cyberspace".

In that sense, the entire industry keeps on selling digital bomb dowsing rods, with marketeering materials to match, of course.

Not surprised

[dkatana]

Not only security companies, but also the US government. There is a clear interest to make sure the new Cybersecurity bill will not be stopped in Congress, and they'll do anything to make it happen. Same as with the NSA massive spying they want strong laws protecting their ability to control anyone, anywhere.