I hope you all heard about the new Flame, the so called “mother of all cyber weapons”, which takes the cyberwarfare to a new level. But what does Flame mean to all of us?
We have some good news, and some bad news. The good news is that all of the antivirus companies are implementing, or they have already implemented Flame detection tools in their systems, and additionally, BitDefender released a free tool which removes the scariest cyber espionage tool ever. Then you might ask, what’s the bad news?
There are two things that should be taken on consideration. First of all, there is a belief that this malware is produced by a nation state. What that means, is that this malware has the government’s backup, and probably not only by one nation. Secondly, the Flame has been around for at least two years, and possibly even seven or eight years, but we’ve caught it only last week. These two things make this malware, literally, the scariest cyber weapon we’ve ever seen.
When there is a huge possibility, that other governments are using similar “products” and are undetected for years, that get’s to a conclusion – we have to change our attitude towards cyber security. You have to remember, that there is a possibility, that your computer is infected by a nation-state malware that nobody knows anything about (well, that’s not likely, but it’s possible). We think that would change your behaviour on the Internet, if you would know that. Won’t it?
So it’s a fact, that having an antimalware product isn’t enough. But the malware industry doesn’t suggest that it should be. Probably we should reverse our thoughts about protecting our computer. We should only allow the good programs to perform, rather than blocking the bad. However, even that doesn’t guarantee you a unbreakable protection. We believe that the best way to act on the internet is to assume that you are already infected with something.
Many security experts believe that we have to monitor and improve the correlation techniques of our IT log data. Some of the company’s security probably don’t even realise when they are attacked by sophisticated cybercriminals. That’s why we recommend acting as if the attackers are already inside. That will help to improve the overall security level of the IT sector.
Flame is probably just the tip of the iceberg. So back to the original question – why is it so dangerous? Because that means that the security threats are way more complex than we thought before. We need to stop relying on the anti-virus software and start making our own protection barriers against the cybercriminals.