While we are busy worrying about Kim Kardashian, sound bite politics and banning 64 oz cups of sugary soft drinks, the first super-cyber weapon has been quietly spying on and attacking things it doesn’t like. Huge stealthy computer viruses with capabilities that sound like the stuff of science fiction have been hard a work, collecting data and data and more data, waiting to strike. It is now clear we live in a world at war, cyber war … and this is just the beginning.
While they were busy on assignment from the International Telecommunication Union (ITU), looking for something else entirely, Kaspersky Lab discovered Worm.Win32.Flame – the world’s first super-cyber weapon, which Kaspersky Lab named “Flame.” What makes Flame a super-cyber weapon? Kaspersky Lab says it is highly sophisticated and malicious with complexity and functionality exceeding all other cyber weapons known to date. I don’t know about you, but that sounds pretty scary to me.
Kaspersky goes on to say that while “… the features of Flame differ compared with those of previous notable cyber weapons such as Duqu and Stuxnet, the geography of attacks, use of specific software vulnerabilities, and the fact that only selected computers are being targeted all indicate that Flame belongs to the same category …” It’s just more powerful, harder to detect, harder to understand, bigger and nastier than anything they’ve ever seen.
As best as anyone can tell, Flame “is designed to carry out cyber espionage. It can steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations.”
To add to everyone’s anxiety, Kaspersky engineers think that Flame may have been deployed as early at March 2010. Why wasn’t it detected until now? Welcome to the nature of highly complex highly targeted super-cyber weapons.
But this gets more interesting. Kaspersky Lab also posited that Flame was so complex and sophisticated that is must have been created by a government entity. And, as if to validate that assumption, shortly after the Kaspersky announcement, Moshe Yaalon, Israel’s Vice Prime Minister and Minister of Strategic Affairs said, “For anyone who sees the Iranian threat as significant, it is reasonable that he would take different steps, including these, in order to hobble it.” He went on to say, “Israel is blessed with being a country which is technologically rich, and these tools open up all sorts of possibilities for us.”
By now you’re probably wondering how this might impact us here in the United States. That’s the wrong question. The right question is: “How will this impact you?” Here’s why.
Most kinds of malware are colloquially referred to as “computer viruses.” Virus is the metaphor because the computer program exhibits some of the characteristics of biological viruses. Viruses aren’t exactly alive, but they can procreate, replicate, mutate and die. Computer viruses are very, very similar, so the metaphor is a good one.
As you know, almost every civilized society on Earth has banned the use of chemical weapons. Aside from their cruelty, the simple fact is that, once deployed, biological viruses don’t discriminate. They can’t tell friend from foe – right from wrong or good from evil – those exposed become infected. Yes, the metaphor Virus is excellent for super-cyber weapons.
The simple fact is, that the creators of Flame (whomever they are) did not do as good a job as they could have … Flame was discovered. Which begs for the questions, “How many more are out there?” and “What are the targets?”
By far the most disturbing attributes of super-cyber weapons are that intellectual property of this type are neither proprietary nor controllable. You can ban all the cyber weapons you like criminalize them, stigmatize their usage, make all the noise you want – they can’t be stopped until they are discovered. This is an intellectual arms race with zero barriers to entry. You don’t need enriched uranium, you don’t need controlled substances, you don’t need any contraband, you don’t need anything but a laptop and a Starbucks card. (The Starbucks card is for Internet access, don’t start thinking that cyber-terrorists hang out at Starbucks – although they might).
Who are likely targets? Everyone and everything of value, such as: power plants, air traffic control computers, banking computers, digital medical records … and that’s just the stuff that’s easy to imagine. Corporate espionage is going to explode. In the age of big data, information – especially private, proprietary information, is a prime target.
Is anyone safe? No. Is any computer immune? No. Is there anything we can do? Yes. Get the best virus protection you can afford and keep it updated. Purchase cyber-security insurance and comply with the guidelines so your computers and data are as safe as practical. Use common sense and go long on cyber insurance companies and anti-virus companies (This is not financial advice, I’m just trying to be cute. Although both cyber insurance and cyber security will be growth industries over the next 20 years.)
Commenting on uncovering Flame, Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, said: “The risk of cyber warfare has been one of the most serious topics in the field of information security for several years now. Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”