Cyber Warfare and Collateral Damage: “Flame” Malware Heats Up Data Security Threat
Cyber Security experts have discovered new malware that is unique in its sophistication and frightening in its capabilities. The malware, known as “Flame”, was found during an investigation by Russia-based Kaspersky Lab, and may have been running undetected for more than two years. Flame has set off alarm bells due to its complexity and because it appears to be part of a coordinated, ongoing cyber espionage program.
Security experts believe that Flame was designed to steal any and all data that it can find. Flame can remotely change settings on computers, turn on a computer’s internal microphone to record conversations in the room, take screen shots, log instant messages and scan for bluetooth enabled devices. All of this captured information is sent remotely (and discretely) to command and control servers operated by Flame’s masters.
Thus far, Flame has been found mainly on computers throughout the Middle East, including Iran, Israel and Syria. Based on its sophistication and the geography of the targets, experts suspect that a nation-state (or states), as opposed to cyber criminals, may be behind Flame. Adding to the uncertainty, experts are unsure how it is deployed or how it spreads. Due to the nature of the threat, the UN plans to issue its most serious cyber warning to date.
With Iran as a target and the signature of nation-state involvement, Flame brings to mind the malware known as Stuxnet. Stuxnet was used to infiltrate industrial equipment in Iran, causing the destruction of centrifuges used to enrich uranium (a precursor to building nuclear weapons), by forcing them to spin out of control.
Now some of you may be reading this thinking, I’m not Iran and my company is not a threat to other nations, so why should I be concerned? The difference is, unlike Stuxnet (which had a specific target and affected only industrial equipment made by Siemens), Flame affects many types of computers, including Windows Operating systems and is broadly targeted. So once Flame is in the wild (as it now appears to be), it is not a huge stretch for cyber criminals to attempt to use Flame, or a derivation thereof, in order to steal financial data and/or personal information for monetary gain.
Although emerging malware threats are always a concern when it comes to data security, the lesson from Flame is to ensure that your systems are secured with the latest patches and anti-virus software. While it may be virtually impossible to protect your data against sophisticated nation-state class cyber weapons, the latest patches should provide some level of protection against known threats by cyber criminals. Additionally, it is always good practice to retain as little personal information as possible on any systems (particularly those connected to the Internet) and to encrypt data stored on servers as well as any data in transit. These security precautions may help to avoid your data becoming collateral damage in the midst of cyber warfare.