Most of KitGuru's readers are probably not schooled in the whole art of nuclear warfare – which is a good thing. Those who grew up prior to the eighties would have been presented with many documentaries on the threat posed by the USSR and its advanced nuclear weapons programmes. Reading Kaspersky's latest warning, it looks like some of the old techniques are alive and kicking in modern cyberwarfare. KitGuru practices some ‘duck and cover' while placing doors at 45 degree angles to the wall of the Lab and stockpiling bottles of water.
Nuclear attack might seem devastating to everyone, but the Cold War battles were fought to such a degree of finesse that some targets were classified as ‘hard' enough to withstand a single nuclear device.
In those situations, a pair of devices would be used in unison.
The initial attack device would have a very tight CEP (Circular Error Probablility – i.e. ability to hit a precise spot), it'd have a ‘lite' nuclear payload and the top of the missile would have armour-piercing technology built in. For a seriously hard target, like an enemy's missile silos, this initial missile would smash into the reinforced concrete covering – then detonate a nuclear explosion in the sub-1 megaton range – the whole point of which was simply to ‘soften the butter'.
The real strike would be a 5-25 megaton device, which would follow in behind and decimate everything under the compromised ground defences.
Roel Schouwenberg is one of Kaspersky's most valuable researchers. He has been studying a new threat called MiniFlame. It comes from the family of mass-attack products like Gauss and Flame itself – clearly establishing a common source for all 3 – says Roel.
According to Kaspersky, the initial Gauss/Flame attacks, seen on a huge scale against upward of 10,000 targeted systems, might have been a ‘softening' operation for a second stroke by MiniFlame. Roel says “We currently assume that miniFlame is installed via Flame and Gauss. This leads us to believe that infections are only found on extremely high-value targets”.
He continued, “If Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool”.
Now that Kaspersky has been able to deconstruct these cyber threats, Roel is prepared to go on record saying “It further affirms our belief that Flame and Gauss were two parallel operations commissioned by the same entities. All of these different malware families are doing largely the same thing, gathering intelligence”.
Roel is an 8-year veteran of the whole international cyberwar arena and is widely recognised and (a) an expert in his field and (b) arguably the best looking chap in an army of uber-geeks.
When speaking about these threats, references are made to the US government's programme of building cyber attack software, but Roel seems to stop short of actually accusing the Bush/Obama brigade of hand coding MiniFlame themselves.
KitGuru says: While normal folks across the globe will share some common concerns about how major governments attack each other's serious systems with these ‘multiple attacks on a single hard IT structure' – the real threat has to be the old ‘terrorists get hands-on to dirty nuclear device'. If a government can't protect itself against these threats with 100% certainty, what hope for normal people with their £20 anti-virus products?
Comment below or in the KitGuru forums.