Gauss Malware and Shadow Warfare

Tuesday, August 14, 2012

Joel Harding


I did an analysis of Gauss from a ‘whodunit’ perspective for a reporter, and I thought I might share a few of my conclusions.

A bit of history first.  On August 9th, 2012, the Russian cybersecurity firm Kaspersky issued a press release and leaped to the conclusion that this is a State sponsored effort without providing any evidence, other than Gauss sharing some code and functionality with Stuxnet and Flame. 

I happen to agree, however, after walking through the alternatives. Occam’s Razor logic test says that is the best conclusion and it is merely an intelligence gathering operation.

The argument that this is a well-funded hacker group doesn’t pass an examination because the Return on Investment is probably too low.

I also have fairly reliable information that the Olympic Games program had more subordinate programs than just Stuxnet and Flame…  we shall see how this develops.  The chance of a disclosure from the White House, however, is minimal to nil.

When will we know for certain?  Many decades, is my best guess. Many decades. A few notable findings of mine, related to this issue:

Kaspersky is a cybersecurity firm and sells its services.  In this case Kaspersky did not monopolize the field; another firm almost simultaneously released a Gauss detection tool.

The International Telegraph Union, the ITU, is the world’s telecommunication governing body.  The United States is actively resisting them as the governing body.  With Kaspersky’s announcement and Kaspersky’s close relationship with the ITU, the United States’ argument grows weaker. 

The US wants to retain as much control over the internet as is possible to ensure freedom of speech and freedom of operations on the internet.  The US may recognize what an advantage it has by having de facto control over the internet.

Welcome to the battlefield of the future. I call it Shadow Warfare or, perhaps more descriptively, Warfare in the Shadows.  We may never see our attacker.  We may never hear the killing blow.

We may never smell any evil intent.  We may not taste our cyber-blood spilling onto the ground. We might never even feel our collective bodies slumping over and dying…  and nobody might ever die…  

But the attacks will happen and governments will find odd ways to communicate they were behind an action in cyberspace, as I happen to believe the Stuxnet disclosure really was such a communication.

Cross-posted from To Inform is to Influence
