When I read some of that stuff back in 2010 I was curious why some of the targets didn't try to understand how they were compromised and then publish the details. Especially attacks with such an, errr, tangible vector of infection.
Clearly some attacks are quite stealthy and difficult to characterize, but some are not, and in the 2010-era reporting about Chinese computer espionage against travelers to China many targets seemed to believe that they had confirmed the compromises.
So people could have taken a computer with some extra sensors or logging processes, a different OS than usual, and then publish the results, helping defend similarly situated others, including their own coworkers. If they believe the attacks are pervasive today, they could do this today.
Clearly some attacks are quite stealthy and difficult to characterize, but some are not, and in the 2010-era reporting about Chinese computer espionage against travelers to China many targets seemed to believe that they had confirmed the compromises.
So people could have taken a computer with some extra sensors or logging processes, a different OS than usual, and then publish the results, helping defend similarly situated others, including their own coworkers. If they believe the attacks are pervasive today, they could do this today.