Flame cyber espionage weapon sparks overreaction
The cybersecurity community has been gripped by the recent news about the highly complex cyber espionage software called Flame that rocked computer systems across the Middle East.
The cybersecurity community has been gripped by the recent news about the highly complex cyber espionage software called Flame that rocked computer systems across the Middle East. While still early in the investigation and analysis of Flame, it is clear this 20M piece of malicious software has moved the state-of-the-art line significantly to the right with its cyber espionage capabilities. Technical staff with the Security and Engineering Research team at Solutionary have pointed out that a portion of the code within Flame was available via open source and said that even cyber weapons developers are looking for ways to shorten their cyber weapons development cycle and reduce their research and development costs.
Many pundits are now pointing to the Flame incident and proclaiming that we are in a cyber cold war. There are those who believe the cyber cold war started well before Flame and even before the recent Stuxnet and Duqu incidents. We need to bear in mind that history has shown that there are cyber incidents that hit (five or eight years ago) sensitive government, military and intelligence systems that are not discussed in public that are equal to or even worse than the Flame incident. Those attacks are what ushered in the cyber cold war we know today. Flame is just another one of the many acts of cyber aggression that occur daily. The difference is the magnitude of public attention this one is being given. In less than 12 hours the Web news coverage of Flame doubled and total Google hits returned on Flame Malware now exceeds 1.3 million.
The blame game has begun with Israel being the first to be pointed to as being the nation behind Flame. Many believe it is only a matter of time before the United States is named as being a part of this act of cyber aggression. While Flame is at the top of the discussion list in the tech sector, it is absent from the list of top worldwide news stories. I guess no one believes that a cyberattack like this could escalate to a kinetic exchange or be considered an act of war.