How do security experts determine the source of a cyber-attack?
January 12, 2010 8:27 PM Subscribe
There's been a lot of news lately about cyber-attacks out of China. Given how easy it is to conceal the source of an intrusion (e.g., by tunneling through compromised machines in a dozen different countries), how do security experts determine the source of such attacks? Specifically looking for technical answers; I assume some of it is old-fashioned detective work ("who has a motive to break into Free Tibet mailboxes?").