http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240145251/report-u-s-israel-fingered-in-latest-data-annihilation-attack.html By Kelly Jackson Higgins Dark Reading Dec 21, 2012 Remember that rudimentary data-wiping malware found on a few computers in Iran this month? Most security experts pegged it as a simple, unsophisticated copycat of more sophisticated data-destruction malware attacks. But in the latest twist, Industrial Safety and Security Source reported this week that the malware was courtesy of a U.S.-Israel attack, citing unnamed CIA sources who also say the attacks preceded the August Shamoon attack that hit Saudi Aramco and Iran's oil ministry. Security researchers are unconvinced, however, noting that malware attribution—especially when it comes to espionage and sabotage—is difficult. And Chester Wisniewski, a senior security adviser for Sophos who has studied the so-called Batchwiper/GrooveMonitor attack, says it's "highly unlikely" that a CIA official would confirm such an attack if it were true. The real problem is "attribution obfuscation," says Roel Schouwenberg, senior researcher for global research and analysis at Kaspersky Lab. "Following Shamoon, I stated we'd likely start seeing a trend where supposed nation-state malware would become more simplistic. Only top teams can develop top malware, such as Stuxnet and Flame. So it's quite clear what type of entity is likely behind it. Simplistic attacks can come from anyone," he says. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Mon Dec 24 2012 - 02:23:03 PST
This archive was generated by hypermail 2.2.0 : Mon Dec 24 2012 - 02:28:17 PST