
Not sure I follow the logic of

"The design of this new variant required world-class cryptanalysis"

to

"The finding gives support to claims that Flame must have been built by a nation state rather than cybercriminals."

Doesn't that assume world-class cryptographers only work for governments? Are there other reasons people are assuming this was state-sponsored?




There is also the little fact that Flame seems to have been targeting Iran, Syria, and the West Bank. Not proof that a nation state was involved, but surely there are more profitable targets for a criminal mastermind capable of inventing new cryptographic methods.


There are lots of academic crypto researchers, there are some state-sponsored (i.e. secret-service) crypto researchers, and there are even a scant few commercial crypto researchers; the academics and commercial entities are usually reasonably open about their work, so that leaves state-sponsored cryptographers.

(Of course, they could be criminals. But there are other reasons to suspect that that is unlikely, most importantly the fact that Flame doesn't appear to steal credit cards.)


It depends on what the malware is designed to do. Cui bono, as they say.

If the malware is designed to grab bank passwords or steal money, then you can assume there's a criminal enterprise behind it.

But if the malware is specifically targeting certain "problem" countries, and stealing documents and other things of non-monetary value, then it's very likely that there's a government behind it. Which criminal mastermind will say, "tomorrow, I'll steal Word documents of all Syrians"? What will he do with them anyways? Given the abundance of low-hanging fruit, why would a criminal jump through all these hoops?


So state-sponsored malware writers should seed their payloads with misleading targeting information, but have an option to download other targeting code dynamically. (And erase such the moment it's not needed.)


> What will he do with them anyways?

He'll sell them to a state actor. Even if something is non-monetary, if someone with money wants it, it can be monetized.


If you're gonna go to that amount of trouble then why not steal everything, including CC numbers and why not target everyone, not just specific states?


I think the point is that doing this is riskier, and more difficult than just stealing CC numbers and such.


From the other articles I've read, it's my understanding that they're basically saying Flame is so sophisticated, it was probably developed by a team of really, really smart people with time and resources at their disposal.

It doesn't necessarily rule out criminals, but it's much more likely that it's state-sponsored.



