Even the most casual reader of technology news will probably have noticed the discussion of the new “Flame worm”, which has surfaced recently. This new malware threat has been estimated to be able to perform all manner of damaging and dangerous actions if it infects a company’s network and/or a user’s PC.
So what is Flame capable of?
Flame is thought to be capable of taking screenshots of users’ machines, monitoring voice-based conversations, taking (and responding to) complex remote instructions and “sniffing” web traffic while a user browses the Internet. All of these represent clear and obvious dangers to users’ security and data protection.
How much do we know about Flame?
Although information detailing the deeper technical specifications and architecture of Flame is still in the formative stage, we do know that this new piece of malware could be carrying as much as 20 times more (damaging) executable code than Stuxnet.
We also know that (according to analyst and news reports) Flame may have been lying relatively undetected since as far back as March 2010.
Who built Flame?
Put simply, it is unknown at this stage who built Flame, although a combination of rumours, past experience and common sense suggests that this level of technical engineering will have required “national” backing at some level. No identifiable “nation states” have been fingered or accused of Flame’s creation to date.
What is so dangerous about Flame?
Flame is thought to be able to hijack administrative accounts and to detect which anti-virus software is installed on a particular machine so that it can disguise itself as a benign file. In addition to admin attacks, Flame is said to be capable of entering systems via application backdoors and hardcoded passwords, a group of attack vectors commonly known as “privileged access points”.
What are we going to do about Flame?
Given these avenues of subterfuge and the use of privileged access points, the use of anti-virus software by every corporate and home user is more important than ever, although a new and heightened responsibility incumbent upon the admin and/or IT department is now also brought to the fore.
In much the same way as we have discussed the need to take security risks related to Bring Your Own Device concerns head-on, we must also now take a proactive stance against worm variants such as Flame. The IT security stakes have been raised for us all.