Just a long-form quote this time, by Norm Laudermilch:
In addition, we should stop using the term “advanced threat” to describe the threats we see every day. It’s too common to hear a recently breached company point to a “very sophisticated cyber attack perpetrated by a nation-state”, which makes it sound like this was something undetectable and impossible to stop. Gartner analyst Neil MacDonald calls this the “dog ate my homework” excuse. More likely we find that it was just another piece of malware cranked out by one of the latest exploit toolkits, delivered via spear-phishing or targeted malvertising, perpetrated not by highly advanced nation-state adversaries but by comparatively low-tech cyber crime gangs. Even if a nation-state attacker crafts an extraordinarily unique and complex malware payload, they’re probably using the common delivery vectors mentioned above. Why? Because these attacks work every time.
Emphasis mine and I second. Until quantumcrypto is cracked, each, any and all cracks are of sophistication Zero. Or One, at most. Combining the most basic of ‘attacks’ i.e. exploits of negligence. Read the full article, and agree. Oh, and [self-plug] there could be side benefits in sloppiness, like this – IF deployed properly. And have your press release at hand, like this one.