Full Disclosure mailing list archives

Re: Obama Order Sped Up Wave of Cyberattacks Against Iran


From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Mon, 11 Jun 2012 14:47:20 +1200

Laurelai wrote:

> ... really I ask a
> simple question on how to avoid state sponsored malware that runs
> exclusively on windows platforms and not a single one of you said
> anything about using an alternate OS, some of you insisted in fact we
> should just lie down and take it. You aren't security experts you are
> scam artists. Makes me wonder if you are paid to act this way or if you
> all really just didn't consider it. Either answer is pretty chilling.

I was trying to keep right out of this one, but...

OK -- that was not actually quite what you asked, but as you have now 
asked it this way, I'll reply to this version of your question.

The "state-sponsored malware" you're talking about arose as part of a 
plan to execute a (more-or-less) targeted attack.  That meant that it 
had to target the OS of the intended victim(s).

Not much use writing a brilliant attack against IIS 7 when the target's 
webserver runs Apache 2.2.21 on some BSD.

"Not running Windows", as a general policy to adopt in order to prevent 
yourself or your organization from potentially feeling the unintended 
side-effects of some state-sponsored malware "going feral", will likely 
be about as useful as "not running Windows" as a general policy to 
avoid malware (under the assumption that likely targets of state-
sponsored malware will sample target platforms in roughly the same way 
that the rest of the population will).

As changing the whole of your IT infrastructure, recovering the value 
of the training, experience, etc of your staff in using that 
infrastructure, etc, etc, is something that most organizations either 
have not considered, or have considered and (mostly) rejected, you will 
have to show us a major additional increase in risk that state-
sponsored malware brings to the table before the ROI of changing IT 
infrastructure starts to stack up economically.

Just tacking the adjective "state-sponsored" in front of the term does 
not do that (well, except, perhaps, for a few folk at the really mal-
adjusted ends of some or other psychiatric spectra).



Regards,

Nick FitzGerald

