Yes, pretty much everybody in the industry said “duh!” when it was revealed (well, “semi-officially”) that USA and Israel are behind the Stuxnet code.
However, if you think about it, there are some interesting implications of this:
- What do you call “malware” working for the good guys? “Attack software”? “Sabotage-ware”? “Good malware”? We need a whole new language to describe what we are seeing now. This is "one man’s terrorist is another man’s freedom fighter" all over again…
- “Malware” (with the above caveat) developer is now a legitimate occupation that you can put on your resume. Example: “2006-2007: developed ‘attack software’ for XYZ government”
- An attack launched by one state’s military/intelligence against another state using “malware” is a reality. This is probably not cybercrime? (well, just like spying, this actually looks like crime to the victim – as was pointed out to me, spying is often prosecuted in civilian courts and thus can be seen as a special kind of a crime, despite that a foreign government is behind it). This is not “cyber-terrorism.” Is this cyber-sabotage? Is it cyber-warfare after all? I have to grudgingly agree that it might be. Then again, warfare has many forms already, even without tossing “cyber” in the mix.
- Also, state-developed “malware” used against other states raises interesting questions regarding malware defenses. Such software needs to hide from AV defenses, just like it criminal brethren which leads to the situation described back in 2007: if you have a 0-day (or a novel malware hiding tech), you can choose to defend against it OR attack others with it, but likely not both.
- This is (to the best of my knowledge) the first example of technology invented by criminals (well, sort of – science fiction authors first described “malware”) and then adopted for legitimate military purposes that happened in modern times.
Any other thoughts?
If not, all I can say is “we live in interesting times”!