[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 30/05/12 09:56, Martijn Grooten wrote:
On Wed, May 30, 2012 at 6:11 AM, Simon Waters wrote:Not saying it isn't well engineered, just that there isn't enough evidence in the reports.I doubt there will ever be. Every expert 'knows' Stuxnet was written by the American and/or the Israeli government. No one can prove that though. I think Flame will be a similar story.Mostly it tells you that current anti-malware practice isn't terribly good, in that it went undetected for so long.That's a good point and one I've seen people from within the anti-malware industry make, but it's not an entirely fair criticism: it only shows that if you've got enough resources you can defeat/evade security software. 100% security doesn't exist so it's a matter of putting the threshold so high that it's not worth the attackers' effort. If the army of a major country have a reason to attack you, it's damn hard to put the threshold that high.Nothing I've seen discusses how it gets the data it steals back, presumably this to is a pluggable module (would make sense), so possibly it varies with installation. Nor how it is so targeted if it spreads in virus like fashion. I suspect those two are rather sensitive bits of information for those infected.People expect full analysis of what Flame is capable of doing may take months, perhaps even years. I've seen reports that mention a command and control server so I presume that's how data is stolen. It is a worm rather than a virus in that it spreads itself but doesn't infect existing files. Targeted worms aren't new. A worm could be targeted at a specific organisation and then spread itself inside the organisation's network.Plenty of well funded organisations are interested in the Iranian oil ministry and middle Eastern politics, they are call oil companies or investment companies that trade in the oil markets. Indeed these days a lot of them have more money than many national governments, or at least less debt.I doubt many, if any, companies have the resources that the US army has. They are also pretty good at keeping things secret. Martijn.
Thanks for your comments guys. I found them interesting and a little bit scary! lol. Perhaps we will see an increasing number of similar attacks in the future.....
Meanwhile, I am carving my secrets into tablets of stone and locking them in my shed. Doh! Shouldnt of said that. lol
Cheers roly :-) -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq