A new report from Russian cybersecurity firm Kaspersky Lab said its researchers identified a new family of malicious programs or worms that infected computers in multiple countries, primarily overseas. Targets appear to be specifically selected and included military, Islamic activists, energy companies and other businesses, as well as government personnel. Without naming the United States as the source of the malware, the report said one of the programs has elements in common with the so-called Stuxnet worm, which the New York Times and Washington Post have said was developed by the U.S. and Israeli governments to disrupt Iranian nuclear facilities.
A lot of nation-states are involved in these activities. Russia, China and the U.S. are in a great cyberarms race.
David DeWalt, chief executive of the Silicon Valley cybersecurity firm FireEye.
Experts warn that U.S. efforts could have unintended consequences: Foreign customers could become more leery of U.S. tech products if they’re suspected of being used for spying. And other hackers may be able to exploit the same vulnerabilities, said cybersecurity expert and author Bruce Schneier. Though it’s less well-known in the United States, Kaspersky is respected in the cybersecurity industry and its reports are generally viewed as reputable. While some critics have suggested the firm has close ties to Russian authorities, several experts said Tuesday that it’s plausible the United States is behind the malware identified in the report.
The malware was not designed for financial gain but to collect information through pure cyberespionage.
Kaspersky Lab researcher Vitaly Kamluk