Thanks for sharing those links Paul. That is some good commentary, which I hadn't seen yet. One point that carries across both of those articles is; "Any malware, even targeted, can get out of hand and cause 'collateral damage' to machines that aren't the intended victim."
Of course we've seen major malware incidents that hit home users, corporations, and government agencies indiscriminately and en masse. Some of those were written by malicious kids and some by malicious adults. When nation states get into that game that doesn't raise the risk level greatly, regardless of article comments about what "hackers" learned by studying Stuxnet - which somewhat suggests that basement hackers can't be as smart or smarter than "the NSA and a secret Israeli unit respected by American intelligence officials for its cyberskills" (how naive). Just look at how much damage and loss was caused on 9-11-2001 by a few dumb jihadists with cheap box knives, in spite of all the thinking and money that went into preventing plane hijacking over prior decades. But the Stuxnet case does beg the question of; What other risks (to all of us) and collateral damage are our elected representatives willing to accept in the name of protecting national security by attacking foreign interests? "12 Monkeys" anyone? (yes I know it was a rogue individual that released the virus in the movie, not government officials) The NY Times article mentioned crossing the Rubicon, or point of no return. Organized crime kicked the cyber-attack-and-defend arms race up a notch. Nation states kicked it up a notch, and they are not new to this game despite some public perception. Meanwhile that cyber-arms race costs us all a lot of time and money every day. Joshua in the WOPR: "A strange game. The only winning move is not to play. How about a nice game of chess?" Vic in his first email: "I'll withhold individual commentary" Vic in response to himself now: "Liar!" Peace, Vic ----- Original Message ----- From: "Paul Ferguson" <[email protected]> To: "Vic Vandal" <[email protected]> Cc: [email protected] Sent: Friday, June 1, 2012 12:37:04 PM Subject: Re: [funsec] The Stuxnet worm, Obama, Bush, and Israel A most excellent article this morning in the MIT Technology Review: "How Obama Was Dangerously Naive About STUXNET and Cyberwarfare" https://www.technologyreview.com/blog/mimssbits/27891/ Also, I really like this commentary by Mikko in Threat Level: "Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet" http://www.wired.com/threatlevel/2012/06/internet-security-fail/ FYI, - ferg On Fri, Jun 1, 2012 at 9:04 AM, Vic Vandal <[email protected]> wrote: > This isn't quite FUNsec, but it's an interesting article no doubt. We've all > heard suggestions that the U.S. and Israel were behind the Stuxnet attack on > the Iranian nuclear facility. This is the most revealing article I've seen > on it thus far though. > > http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.htm?_r=1&pagewanted=print > > I'll withhold individual commentary, though I do have varied opinions on the > article's content. > > Peace, > Vic -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
