At this time, Flamer seems to have targeted only a few hundred organizations and individuals located in a small segment of the globe. But make no mistake; Flamer is important worldwide. The complexity of the code within Flamer is on par with that seen in Stuxnet; arguably the most complex piece of malware Symantec has analyzed to date. However the mission of Flamer is much different from that of Stuxnet, which was designed to deliver a payload that disrupted the systems it was targeted toward. Symantec and others’ research indicates that Flamer, as of this moment; is purely focused on capture and exfiltration of sensitive information.
The good news for our public sector customers is that Symantec has protections in place to detect this threat (W32.Flamer). Specifically, we have:
- AntiVirus, AntiSpyware, IPS component, Symantec Insight, and Heuristics detection and conviction measures in Symantec Protection Suite Endpoint & SEP 12.1
- Host-Based IDS/IPS built into Symantec Protection Suite for Servers & CSP
- Sensitive Information Protection strategies built into Symantec DLP, Encryption & beyond
- Plus additional Defense-in-Depth with DeepSight, Managed Security Services, and specialized Cyber Threat Analysis Programs and Tools; tuned for the Public Sector mission
We’ll post more pertinent information as it becomes available.