Kaspersky's Problematic "Flame" Analysis
Countries infected by Flame (SecureList 28MAY12)
You've also wrongly simplified the scope of cyber actors out there to three when it has never been that cut and dried:
"Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states. Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group."
You've conveniently failed to mention an important fourth category: mercenary hacker crews - principally from Russia and the Commonwealth of Independent States - who steal IP and sell it to both corporations and governments. Crews that would love a tool like Flame and who, in my opinion, are the most likely actors involved in using such a tool. If you'd be forthcoming with more information - such as Flame's Command and Control server URLs - a lot more could be learned about who may be behind this virus.
UPDATE (31 MAY 2012): See my related article "Flame, Russia and the ITU: A Geopolitical Agenda?"
Well yes but ...
But isn't espionage a form of "economic warfare"?
And then there's your post from March 20th of this year:
http://jeffreycarr.blogspot.ca/2012/03/open-source-offensive-methodology-to.html
Indeed, it is an insult to the skills and creativity of individuals to claim that it takes the resources of a nation state to produce complex software. Leaving aside the complex software produced by commercial 'for-profit' organizations, there is a lot of open source software that has been developed 'in spare time'. Further, there is code that generates code - and some of that generated code is very complex and rococo.
"War" and "warfare" are used way too much, in my opinion. Rather than economic warfare, I'd call it competitiveness.
An infostealer tool is a weapon in the same sense a FLIR recon and targeting pod attached to a fighter-bomber plane is a weapon. There is already something cyber out there, which targets and attacks Flamer-identified targets and probably causes some "collateral damage".
Eugene Kaspersky is very nice to warn of a need for a cyber-weapons treaty. Russia will suffer the least in a cyberwar: no net, no mobile phones, let's go drink vodka! They will keep heroically fighting the foreign invaders of their sacred lands, even if there is no longer a link to their higher command, just like in the war-time novel "Volokolamsk Highway".
Infinitely large Mother Russia is inconquerable in any way or shape, so KL need not worry for himself and his people, but for the well-being of the entire planet - therefore a cyber-weapons limiting treaty is needed and needs to be kept up with UN inspections!
On the other hand, noticing there is no net and no mobile, developed people like Finns and Americans will jump from windows of skyscrapers. USA is the most vulnerable to cyber strikes, many there will think the Rapture has started when e-war arrives to their shores.