The recent discovery and announcement of the new 'Flame" malware is generating quite a bit of mainstream press attention over the last day or so. Haven't heard of it? You probably will soon. It's a very sophisticated piece of malicious computer code (aka 'malware') that, given its complexity, had to be state-sponsored. In other words, this wasn't some basement kid on a lark - someone or something with money is behind this one. It doesn't do any damage per se but it can steal documents and record key strokes so it can listen in on Skype calls and capture e-mail and instant messaging conversations. It even uses bluetooth and can grab data from the computer's camera!
So far, it has primarily targeted computers in Iran and other middle-eastern countries (draw your own conclusions here!) and the estimates are that maybe only 1,000 targets have been infected so far. However, it has been operating undiscovered for several years and, because it is modular, it is easily modified and re-tasked by its controllers.
At this point, none of the major antivirus products on the market can detect or stop this malware. Scary huh? Don't worry... they'll figure it out. The really scary part is - now that the secret is out - that there will likely be many players in the web's black market trying to replicate the techniques used by Flame and incorporate these into future malware attacks. Those are the ones you and I have to worry about.
What to do? The best advice is still "defense in depth". Your business should have multiple layers of protection and, ideally, each layer should come from a different security vendor. For example, you'll have antivirus protection on your desktop systems from one vendor and your incoming e-mail is scanned by another vendor's product. You should have a smart firewall that also has virus, intrusion and spyware protection built in to it. Finally, user education is key. You should have a published Acceptable Use Policy for your office Internet, a good password policy, and staff should be regularly reminded of social engineering techniques used by scammers.
For more information on the Flame virus, check out these two articles:
http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240001129/flame-fans-notion-of-more-weapons-yet-to-be-found.html?pgno=1
http://www.theglobeandmail.com/news/technology/tech-news/flame-virus-set-to-spread-like-wildfire/article2447114/
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment