Cyber weapons do not exist, claims F-Secure

Firms are misguided to fear government-made malware like Flame and should be more concerned about the ongoing threat of cybercrime, according to F-Secure security analyst Sean Sullivan.

Sullivan made his claim during an interview with V3 regarding the company's mid-year threat report on Monday.

"Defining what a cyber weapon is, is next to impossible," Sullivan told V3.

"Tech cyber guys talking about cyber weapons are discussing something that doesn't exist, it's code and tech, so really it's what you do with it that matters."

Sullivan's comments relate to the slew of recently uncovered government-funded cyber attacks, like Flame, Guass and Stuxnet.

The F-Secure analyst went on to warn that businesses are being misled into focusing on the new highly complex malwares, and should continue to focus on protecting themselves from regular cyber criminals.

"Flame and Gauss affected a few thousand people at most, state actors really aren't something most people should worry about," said Sullivan.

"The problem is what cyber criminals do with [government-funded cyber attacks]. The real problem is that governments do the research and development work on these malwares and give cyber criminals ideas."

Sullivan went on to warn that attacks like Flame and Stuxnet will lead to a rapid increase in the complexity and sophistication of cyber criminals' techniques.

"These underworld types see how they're meant to be doing it and are going to work towards copying it," he said.

"Take the Flame certificate spoof, where it pretended to be Microsoft. Criminals are practical, they see something like that and think they should be doing the same thing. It won't have an immediate effect today, but tomorrow it will have a very significant effect."

As well as its findings on Flame, F-Secure's threat report also highlighted the growing threat facing Apple Mac users, mirroring Kaspersky researcher David Emm's previous claim that the platform is no longer safe from cyber criminals.

A marked increase in the number of attacks using exploit kits, like Blackhole, was also reported in the paper. Earlier in the year, Mikko Hypponen, chief research officer at F-Secure, had prophesied the increase during a tour of the company's Helsinki lab.