All the latest UK technology news, reviews and analysis


Industry needs to take notice of Flame’s wakeup call

18 Oct 2012

V3 reporter Alastair Stevenson photoMonths have passed since Flame malware was caught targeting Iranian systems. Flame has been dubbed one of the most complex and dangerous to date pieces of malware ever, because of its advanced espionage capabilities.

Numerous vendors have cited Flame's existence as proof that traditional security measures aren't good enough. And now with the numerous other high profile, super-advanced malware appearing, like Gauss, I have to say I can see their point.

The security industry lacks adequate defence mechanisms to guard against such threats. That is alarming.

This was really brought home to me in June during a speech by F-Secure, which called Flame the James Bond of malware, because there is little security vendors can do when faced with its presence. F-Secure made urgent calls for the security industry to beef up its current defence model.

At the London RSA Conference in October, such calls had grown into a full chorus, with old guard security vendors like RSA and Symantec adding their own two cents.

Such vendors have said security against Flame-like threats can be improved immediately if the security industry enlists the help of businesses. Crucially, to combat threats, businesses must be willing to share information with competitors regarding data breaches.

This intelligence will allow IT security firms to crack down on new threats faster, possibly before the hackers can pull the same trick on another business and create widespread damage.

Yet to my amazement, despite the numerous warnings by the security vendors, businesses have been incredibly slow to pick up on the call for change, take action and talk to each one another.

One potential reason for this is that businesses carry an outdated notion that suffering a data breach is something to be ashamed of and hidden at all costs.

The problem is, by taking this head in the sand approach to cyber security, British businesses aren't just hurting themselves, they're also helping give hackers the edge.

Worse still, this problem is only likely to intensify in the future.

Until now, advanced threats like Flame have been state sponsored. But security vendors have warned, time and time again, that it is only a matter of time before criminals start learning from threats like Flame, and start integrating elements of its sophisticated malware into their own attack tools.

In fact, according to RSA, this has already happened. So we have state actors now collaborating with the criminals.

Considering the fact that the bad guys have managed to find some common ground in order to working together, it's pretty amazing that most businesses haven't cottoned on to the benefits of doing the same thing.

Hell, even the UK government started to realise the scale of the problem, with cyber spy GCHQ feeling the need to release a set of cyber guidelines - which surprise, surprise are pretty much in line with the advice security vendors have been giving UK businesses all this time.

While I understand the fact that businesses are justifiably hesitant regarding the security vendors' warnings, considering the current lay of the land, we'd expect them to at least consider a new approach.

Here's hoping it won't take a full blown disaster to knock businesses out of apathy and finally update their defences - though considering their current hesitance, it probably will.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
7%
8%
1%
71%
13%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Dynamics CRM Developer (C#, .NET, Dynamics CRM 2011/2013)

Dynamics CRM Developer (C#, .NET, Dynamics CRM 2011/2013...

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office 2010, Windows 7

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office...

Helpdesk / Desktop Support Analyst - Legal, Windows, MS Office 2010

Helpdesk / Desktop Support Analyst- Legal, Windows 7...

Helpdesk / Support Analyst - MS Windows, Office - 2 - 3 months

Service Desk Analyst / Support Analyst - MS Windows...
To send to more than one email address, simply separate each address with a comma.