by breadtk 3607 days ago
I believe it's less about fear mongering and more about understanding the level of sophistication of the software. Talk to an anti-malware analyst and they'll tell you how commoditized the malware game is nowadays. There's an endless stream of malware and ransomware which can be linked back to just a handful of frameworks. These types of malware families also fall under the spray-n-pray mentality for distribution: spam, drive-by downloads, infected torrents, etc.

Compare the mass of malware that is out there with the level of technical sophistication, OPSEC to prevent detection, and precise targeting of its victims. Along with other big-name malware (e.g. Stuxnet, Flame), this class of malware is very precise in its objective. It isn't trying to make money for its owners. It isn't trying to replicate itself across the internet endlessly. Rather, it has a key objective of infecting a specific set of networks. So when researchers call out the fact that it is likely to be "state sponsored", they are saying the purpose of the malware is very different from your average piece of malware.


Everything you said is true, but I'd like to elaborate a bit further: sometimes state involvement can be inferred when the exploit involves computing resources which could only be reasonably wielded by a nation-state.

For example, suppose that this exploit involved the reversal of an MD5 hash (and this is simply an example, I'm not saying that the actual exploit did). How much computing power would be required to do this? I couldn't do this reliably on my home machine, nor could I afford the cloud-compute power to perform it. However, assembling a vast array of machines is within reach of a state sponsored intelligence agency.

So, that's often it: at some point, the computation would be so expensive that you'd have to infer that only a nation state could have financed it.

Essentially, depending on what malware does, we can easily identify government software because criminal software has a different set of objectives. Is it possible, though, that corporate software could have similar objectives? I'm thinking corporate espionage type behaviour.

> Is it possible though that corporate software could have similar objectives? I'm thinking corporate espionage type behaviour.

Yes, it is possible.