New Tech Observer

New Tech Observer

New Malware Linked to Stuxnet, Flame

Posted: 10 Aug 2012 07:22 AM PDT

Researchers from Kaspersky labs, a Russian cybersecurity firm, have identified a new piece of malware that they believe comes from the same "factory" as the state-sponsored Stuxnet and Flame malware that was targeted at Iran. The new software, called Gauss, is supposedly aimed at Lebannon, whereas Stuxnet and Flame were developed to disrupt Iranian nuclear ambitions. From the Washington Post article:

"Nation-states want to monitor activity," said Roel Schouwenberg, senior researcher for Kaspersky Lab, the Russian cybersecurity firm that discovered the new malware and also discovered Flame. "Seeing how the money is flowing in these bank accounts can be very interesting for them."

Stuxnet and Flame are believed to have been developed by the United States and Israel.

In its analysis, Kaspersky experts stopped short of speculating on who might be behind the new malware, dubbed Gauss, but they said they believe it "was created by the same 'factory' which produced Flame. This indicates it is most likely a nation-state sponsored operation."

Pentagon Seeks Expanded Cyber Defense Permission

Posted: 10 Aug 2012 07:13 AM PDT

According to the Washington Post, the Pentagon has announced a plan that would allow U.S. military cyber-security specialists to take action on computers outside the U.S. network to defend critical infrastructure. This rule change would allow security specialists to take action against computers in other countries, including government and private computer systems, in order to defend U.S. infrastructure. From the article:
"Without a doubt it would be a very big and significant step forward," said a senior defense official, speaking on the condition of anonymity to discuss a sensitive topic. "It would account for changes in technology that will give more flexibility in defending the nation from cyberattack." 
Currently, the military is permitted to take defensive actions or to block malicious software — such as code that can sabotage another computer — only inside or at the boundaries of its own networks. But advances in technology and mounting concern about the potential for a cyberattack to damage power stations, water-treatment plants and other critical systems have prompted senior officials to seek a more robust role for the department's Cyber Command.