US government cyber attack warnings are hypocritical, claims F-Secure chief

Renowned security expert Mikko Hypponen has publicly given the US government a tongue lashing by claiming its warnings on cyber attacks are hypocritical.

The F-Secure security chief criticised the US Defense Secretary Leon Panetta for saying that the country is on the cusp of experiencing a "cyber Pearl Harbor" in a speech last week.

Panetta had claimed that the US government and critical infrastructure businesses are currently being besieged by state sponsored hackers with potentially dangerous ramifications.

Hypponen responded with a blog post arguing that the threat is far less severe than Panetta indicated, pointing out that state sponsored groups would have little to gain taking out critical infrastructure businesses.

"There are various players behind the online attacks, with completely different motives and with different techniques. If you want to effectively defend against attacks, you have to be able to estimate who is most likely going to attack you, and why," wrote Hypponen.

"A foreign nation-state could probably benefit much more by tapping internet traffic, using the net for espionage or by inserting forged traffic."

Hypponen went on to criticise the US, claiming that as well as being misinformed, Panetta's attempts to portray the US as a victim of state sponsored attacks was hypocritical.

"If we look for offensive cyber attacks that have been linked back to a known government, we mostly find attacks that have been launched by [the] United States, not against them," wrote Hypponen.

"So far, antivirus companies have found five different malware attacks linked to operation 'Olympic Games' run by US and Israel.

"When [The] New York Times ran the story linking US government and the Obama administration to these attacks, the White House started an investigation on who had leaked the information. Note that they never denied the story. They just wanted to know who leaked it."

The F-Secure head closed his attack by warning that the US's trigger happy use of cyber attacks will inevitably come back to haunt it.

"As United States is doing offensive cyber attacks against other countries, certainly other countries feel that they are free to do the same. Unfortunately the US has the most to lose from attacks like these."

The security chief's comments are doubly damning as Hypponen has in the past helped advise numerous US government and law enforcement agencies on how to deal with cyber threats and hackers.

The news follows the discovery of several advanced state-made malwares, including Flame and Gauss. The two malwares were both discovered targeting Iranian agencies and systems and are believed to have been created by the US and Israeli governments.