Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Data Security / Avoiding the Burn of Flame Malware
Avoid Getting Burned by Flame Malware
Avoid Getting Burned by Flame Malware
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
The incredibly sophisticated and dangerous Flame virus has already been responsible for impacting the oil industry and spying on Mideast computers. But what happens if it spreads even further, and who is to blame? Researchers are still looking for clues, but few are surprised by the outbreak.

Last week, McAfee -- which dubs itself as the world's largest dedicated security technology company -- released its first-quarter 2012 threats report, highlighting an increase in malware across all platforms. The report shows that, in the first quarter, PC malware reached its highest levels in four years, with a steep increase in malware targeting the Android platform. Mac malware was also on the rise, indicating that total malware could reach the 100 million mark within the year.

"In the first quarter of 2012, we have already detected 8 million new malware samples, showing that malware authors are continuing their unrelenting development of new malware," said Vincent Weafer, senior vice president of McAfee Labs.

A U.S. Threat?

It appears that the Flame virus, which has been topping news reports for the past week, may have been used for espionage in the Middle East for years. Iran has disclosed that Flame infected computer systems controlling the flow of oil in that country, and it was forced to cut Internet links to its main oil export terminal to try to contain the virus.

The virus appears to be the work of a well-funded organization, possibly a national government. It is reportedly capable of logging keystrokes, taking screen shots, using a computer's audio system to listen into conversations or Skype calls, and even to tap into nearby Bluetooth-enabled cellphones.

We caught up with Neil Roiter, director of research at Corero, about Flame. He told us Flame is remarkably sophisticated and can be used against a variety of targets.

"Learning that Flame has been in use for two years, perhaps longer, underscores concerns that similarly complex malware could be directed against U.S. companies, institutions and government agencies," he said.

"Organizations should not be lulled by the fact that this particular malware has been used against selected targets -- primarily in the Middle East," Roiter said. Instead, they need to "increase vigilance in network monitoring and analysis to detect anomalous, surreptitious activity within their perimeters."

Keeping a Low Profile

We also asked Gunter Ollmann, Damballa's vice president of research, to discuss his insights regarding Flame. He cautions our readers against some of the jumps people are making related to where the threat is coming from. As he sees it, the actors behind this threat have successfully managed their targets and victims, keeping a low profile and not going for the masses or complex setups.

"The collection of files doesn't point to anything not already seen in most common banking Trojans or everyday hacking tools," Ollmann said. "This doesn't make it less dangerous, it reflects the state of malware development -- where 'advanced' features are standard components and can be incorporated through checkbox-like selection options at compile time."

Protecting Against Flame

Troy Gill, a security analyst at AppRiver, offers some wisdom in the form of dos and don'ts when dealing with the likes of Flame. For example, Gill said busy network admins should keep up-to-date with the organization's disaster recovery plan, keep systems upgraded and give employees access only to the information that's required to perform their jobs.

"Know your employees and educate them. So many employees are unaware of the threats that are out there. Take the time to educate them on these threats," Gill said. "The use of a reliable Web filter can block malicious Web pages when an unknowing victim is attempting to access them. Many of these infections lay in wait on trusted Web sites that would ordinarily be harmless."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.