Security workers fighting against the new “cyber-weapon” malware? They are wasting their time on something that’s not that important, at least according to the F-Secure analyst Sean Sullivan: the real issue for computer security is elsewhere, Sullivan said.
The Finnish company analyst stated that “defining what a cyber weapon is, is next to impossible”: computer threats like Stuxnet, Flame, Gauss and others aren’t “weapons”, Sullivan suggested, they just are “code and tech” and “what you do with it” is the only thing that matters.
Sullivan highlighted the fact that the number of systems infected by these “cyber-threats” is pretty small, “a few thousands at most” and so “state actors” that are supposedly making this new kind of malware "aren’t something most people should worry about".
The analyst suggested that security companies and experts should focus more on the real threat cyber-crime has become for computers and the net economy, while he warned about the long-term consequences that state-sponsored worms, trojans and backdoors will have on the aforementioned cyber-crime.
Cyber-criminals will surely take inspiration from the new attack means like the Microsoft certificate spoofing performed by Flame, Sullivan said, so cyber-weapons “won’t have an immediate effect today” but in the not-so-distant future they will become part of the tools used by for-profit malware writers.
Source: V3.co.uk