14 DAY TRIAL // The European Network and Information Security Agency (ENISA) has published a 6-page report entitled “The threat from Flame,” which represents a short analysis of the risks posed by the now-infamous malware.
According to the security agency, Flame, or Flamer as it’s mentioned in the paper, is a “state of the art spying virus” that should remind us of the weaknesses in cyber defenses.
The report highlights the fact that it’s difficult to attribute Flame to a certain country or organization, but the analysis made by researchers so far has showed the fact that it’s most likely an espionage tool designed to steal information from computers located mainly in the Middle East.
The fact that the malware is highly modifiable and extensible, uses advanced techniques, and has been infecting computers for at least two years has also been outlined in the paper.
“While we have defence mechanisms for large-scale phishing and email scams, based on collective spam filters and anomaly detection, we are vulnerable to targeted phishing emails,” ENISA states.
The organization also cites F-Secure’s Mikko Hypponen, who brought into perspective the fact that signature-based antivirus solutions are unable to block sophisticated targeted attacks.
“Flamer should serve as a reminder to continue to improve the resilience of critical infrastructure and services, not only to weather physical disasters or system failures, but also to withstand and respond to cyber-attackers with advanced skills and vast resources.”
The agency also highlights the need for better communication between Member States when it comes to the sharing of threat information.
In the meantime, security researchers keep finding new clues to the origins and the functionality of Flame. Symantec has discovered that it comes with a “suicide” feature, and even more interestingly, both Bitdefender and Kaspersky have managed to find a clear connection between it and Stuxnet.