Keeping a Low Profile
We also asked Gunter Ollmann, Damballa's vice president of research, to discuss his insights regarding Flame. He cautions our readers against some of the conclusions people are jumping to about where the threat is coming from. As he sees it, the actors behind this threat have successfully managed their targets and victims, keeping a low profile and not going for the masses or complex setups.
"The collection of files doesn't point to anything not already seen in most common banking Trojans or everyday hacking tools," Ollmann said. "This doesn't make it less dangerous, it reflects the state of malware development -- where 'advanced' features are standard components and can be incorporated through checkbox-like selection options at compile time."
Protecting Against Flame
Troy Gill, a security analyst at AppRiver, offers some wisdom in the form of dos and don'ts when dealing with the likes of Flame. For example, Gill said busy network admins should keep up-to-date with the organization's disaster recovery plan, keep systems upgraded and give employees access only to the information that's required to perform their jobs.
"Know your employees and educate them. So many employees are unaware of the threats that are out there. Take the time to educate them on these threats," Gill said. "The use of a reliable Web filter can block malicious Web pages when an unknowing victim is attempting to access them. Many of these infections lie in wait on trusted Web sites that would ordinarily be harmless."