In regards to the Pi, I worked for a bank until recently that absolutely would not have discovered it. I was dealing with IAM, not network security, but the guys who were were drowning and the structures were not in place to automatically flag this, so I’m pretty sure it’d just live on…
I think outside of big, solid corporate and very tech-heavy smaller firms, this kind of approach would rarely be discovered.
In regards to the Pi, I worked for a bank until recently that absolutely would not have discovered it. I was dealing with IAM, not network security, but the guys who were were drowning and the structures were not in place to automatically flag this, so I’m pretty sure it’d just live on… I think outside of big, solid corporate and very tech-heavy smaller firms, this kind of approach would rarely be discovered.
In most cases I would agree.
In the instance of a heavily secured state-of-the-art datacenter with armed guards it should’ve gotten flagged immediately.
Then again thats assuming the people in the SOC aren’t massively overworked and were paying enough attention of course