Where are these quotes coming from ? Marshall On Jan 15, 2010, at 9:07 AM, Bruce Williams wrote:
Part of the discussion of recent attacks by targeted email to individuals crafted to deceive that particular individual based on intelligence gathered for this use by governments.
"The alleged attacks from China are troubling on many fronts. On Thursday, security firm McAfee released a report saying the program used to target U.S. firms involved a so-called "zero day" vulnerability -- one that was to this point unknown to the security community, and thus indefensible by anti-virus software. The flaw involved Microsoft's Internet Explorer, McAfee said. Microsoft says it is working quickly to provide a software patch. But the malicious software attacks other software flaws too, McAfee said, adding this ominous note: "There very well may be other attack vectors that are not known to us at this time."
"These highly customized attacks known as advanced persistent threats were primarily seen by governments and the mere mention of them strikes fear in any cyberwarrior,” wrote McAfee's George Kurtz in a blog post today. “They are in fact the equivalent of the modern drone on the battle field. With pinpoint accuracy they deliver their deadly payload and once discovered - it is too late…All I can say is wow. The world has changed. Everyone's threat model now needs to be adapted to the new reality of these advanced persistent threats. In addition to worrying about Eastern European cybercriminals trying to siphon off credit card databases, you have to focus on protecting all of your core intellectual property."
Mark Rasch, former head of the Department of Justice computer crime unit, called the attacks “cyberwarfare,” and said it was clearly an escalation of a digital conflict between China and the U.S.
As if the old threat models weren't bad enough...
Bruce