Stuxnet, Flame and now Gauss – three cases of malware that have lead specialists at SecureList.com and Kaspersky Lab to point the finger at nations who are using these sophisticated malware as a way of launching attacks and surveillance on specific targets.

For years, the primary source of malware and viruses has been two main groups: hackers/hacktivists and cybercriminals. Malware and attacks created from these groups of individuals are commonplace and today’s digital security software is used to dealing with new threats from these sources.

The worrying factor is the rise of a third source of malware: nation states.

Countries are sponsoring malware attacks

The nature of the malware from nation states is not fundamentally different from hacktivists or cybercriminals, but the thought that sovereign nations are adding to the malware problem is worrying, especially considering that the complexity and functionality of the malicious programme exceeded those of all other cyber menaces known to date,” says Sergey Novikov, head of the Global Research & Analysis Team at Kaspersky Lab.

The Flame attack toolkit is designed to intercept network traffic, record audio conversations, log keystrokes and screenshots and transmit this to operators at a control point. Imagine the impact of this if it accidentally got into a company and recorded and transmitted confidential intellectual property.

“It is these kinds of spill-over casualties that concern us and we are trying to illustrate to end users and resellers the importance of a quality digital security solution,” remarked Lee Milroy, chief executive officer of Secure Lab, local distributors of Kaspersky Lab products. “While we are impressed that Kaspersky Lab played an important role in detecting and exposing these viruses, it still doesn’t take away from the risk to businesses that countries are now using malware that can attack anyone.”

Business Security Strategies Offer Increased Protection

Software solutions such as Kaspersky End Point Security 8 do offer robust protection against these kinds of complex malware attacks. However, as Milroy notes, deploying this without a proper IT security framework lowers its effectiveness.

“If you look at Flame’s main ways of spreading… it’s through either the internet, email or an infected USB storage device. If businesses implement proper security strategies through limiting storage devices or even proper email policies, they dramatically improve the effectiveness of their anti-virus solution.”

Milroy also noted that proper training and education on how software such as that offered by Kaspersky Lab is also an important part of increasing protection.

“You can’t protect yourself if your technicians don’t know how to use the software. Flame has the potential to spy on your entire enterprise by accident and if your IT department hasn’t deployed your anti-virus solution properly, then you’ve got a false sense of security.”

“It’s with a combined strategy of the right software, trained operators and a proper security policy that companies can rest easy against this form of state-sponsored digital attack. And these kinds of attacks are only going to get worse.”

Editorial contacts
Chaque Risi
Projects Director
011 454 4408
chaque@activebrand.co.za

About
Secure Lab is a leading southern African service-focused distribution partner that helps resellers grow their IT security business, through relationships and best-of-breed products. For more information visit www.securelab.co.za.

Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for consumers, SMBs and Enterprises. The company currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.co.za.

The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2010. The rating was published in the IDC report Worldwide IT Security Products 2011-2015 Forecast and 2010 Vendor Shares – December 2011. The report ranked software vendors according to earnings from sales of endpoint security solutions in 2010.