Key points are not available for this paper at this time.
The Flame Virus will go down in history as the most complex, most sophisticated and largest cyber-espionage tool to fool Microsoft's Terminal Services licensing certificate authority. Using a detailed yet brilliant (in terms of cybercrime) strategy, Flame infiltrated thousands of computers in the Middle East by capitalising on a flaw that allowed attackers to create a digital security certificate masquerading as an official Microsoft security certificate. What's more, it came in the form of a Microsoft update. Although it looked genuine, users allowing the update were giving Flame the go-ahead to install massive amounts of spyware and code on their machines. The Flame Virus will go down in history as one of the largest and most complex cyber-espionage tools. Using a detailed yet brilliant (in terms of cybercrime) strategy, Flame infiltrated thousands of computers in the Middle East by forging an official Microsoft security certificate. Traditional anti-virus software is sadly ineffective against such sophisticated attacks. Organisations need to move to a whitelisting model if they want to stand any chance of beating off the attacks of the future, argues Kate Munro of Bit9.
Kate Munro (Mon,) studied this question.