Comments on: Stuxnet, Flamer, Flame, Whatever Name: There's just no good malware http://www.welivesecurity.com/2012/06/03/stuxnet-flamer-flame-whatever-name-there-is-no-good-malware/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: Harry Johnston http://www.welivesecurity.com/2012/06/03/stuxnet-flamer-flame-whatever-name-there-is-no-good-malware/#comment-861 Mon, 11 Jun 2012 03:41:59 +0000 http://blog.eset.com/?p=13001#comment-861 "Deploying malicious code for nation-state purposes is not that dumb, it is even dumber."
I dunno.  Allegedly, in the case of Stuxnet, the (seriously considered) alternative was a bombing run, or perhaps a series of bombing runs, which would have directly resulted in many deaths and could well have led to full-scale war.  Even if you ignore the ethical issues and deal only in economic terms, my best guess is that the overall economic cost of Stuxnet (even if you include the cost of development, the effort that went into analysis and mitigation after it was discovered, and any damage caused to innocent parties) was still less than the cost of a physical attack would likely have been.

]]>
By: David Harley http://www.welivesecurity.com/2012/06/03/stuxnet-flamer-flame-whatever-name-there-is-no-good-malware/#comment-860 Mon, 04 Jun 2012 15:55:37 +0000 http://blog.eset.com/?p=13001#comment-860 My article at http://www.scmagazine.com/w32flamer-detection-failure-the-real-lesson/article/244107/ is kind of relevant to this one: in fact, I cited your final paragraph. :) I was starting out, though, from the claims that Flamer signifies the end of signature detection (in the sense of exact or near-exact identification. In fact, the opposite is true: the problem is that those techniques don't work till you have a sample from which to capture the range(s) of constant bytes. But that was just as much the case in the 1980s as it is now.

]]>