Comment on In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network

<- View Parent
halcyoncmdr@lemmy.world ⁨4⁩ ⁨days⁩ ago

Spoofing a MAC is easy but it still requires knowing both what an existing valid address is, and ensuring that it’s not already connected to the network. It’s only operational overhead when a new device is onboarded, after that the impact is minimal.

A policy that requires sending a tech is fine, but if you have hundreds or thousands of individual locations then you aren’t going to have a tech onsite at every one of them to quickly check and fix an issue, and you don’t really want to have to trust an end user to verify and/or make physical changes on site if you can avoid it.

source
Sort:hotnewtop