Viruses. Worms. Spooks. Super villains. Cyber threats. Auric Goldfinger. Fear and loathing. Security stories — Grok tends to stay away from them because he doesn't really understand them and can’t decide if the often inflammatory coverage is warranted or just Google bait for Web publishers. (Like the first 14 words of this blog, for instance.)
But this story on "Flame" by the <i>BBC</i> caught our eye last night and it has subsequently gone viral (if you will pardon the pun). So against our better judgment and with all due caveats, let’s dive right in.
According to the BBC report, researchers working with the United Nation’s International Telecommunications Union (ITU) have revealed they are investigating a cyber attack which is being described as, “one of the most complex threats ever discovered”. Of course the people who describe it as such — Russian security firm Kaspersky Labs — are in the business of selling security solutions so they would say that.
The BBC quotes Kaspersky’s chief malware expert, Vitaly Kamluk, saying that Flame’s intent appears to be data theft rather than system damage. “Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on.”
So far, 600 specific targets have been hit and Iran and Israel in particular (along with some other Middle Eastern states) seem to be have been on the receiving end of the attacks. Given how popular those two nations are, that pretty much narrows down potential nation state suspects to just about every country in the world. (Grok’s money is on the North Koreans — comic book villains, or Tasmania, evil, evil Tasmanians.)
This is apparently a complex bit of gear, and the code itself is 20MB which the story pointed out is 20 times larger than Stuxnet — a computer worm which attacks industrial systems and which was discovered in June 2010.
Coincidently (or not), Flame appears to have been having its way since August 2010. The ABC ramps up the volume towards the hysteric under the headline "Flame virus sparks UN cyber war alert".
It quoted Marco Obiso, the cyber coordinator for the ITU suggesting, “This is the most serious warning we have ever put out.”
Not everyone agrees though. The same story quoted Jeff Moss, who is a member of the Homeland Security Advisory Council and the chief security officer at Internet Corporation for Assigned Names and Numbers, suggesting that everyone should have a good lie down for a moment. “It will take time to disassemble, but it is not the end of the net.” And a final word to Marcus Carey, from cyber security firm (and presumably Kaspersky Labs rival) Rapid7, “We seem to be getting to a point where every time new malware is discovered it's branded 'the worst ever,'” Then again, “No Big Deal” doesn't have quite the same ring to it, even in 50 point, bold Helvetica.
Meet "The smart money", he’s not a banker
Meanwhile a little post script to the Facebook IPO. <i>Business Insider</i> spoke to one of the few people in the world who seems to be able to make sense of the otherwise alchemic approach to valuing dotcoms.
Aswath Damodaran is the professor of finance at the Stern School of Business at New York University. And he’s developed an Oracle like reputation for picking the marks around tech stocks.
The BI article noted his observations that no-one really gains from overvaluing the stock. As the report said, “The bankers face major damage to their reputations, the Facebook insiders will have an even more challenging time unloading their shares, and the big institutional investors who reportedly had an informational advantage are facing huge losses.”
And in Damodaran words, “I think the investment bankers priced the offering based on how shares of Facebook were trading in the private market and their assessments of institutional demand. I don't think that revenue growth, margins, risk or any other fundamentals played much of a role in the pricing. I don't fault them for playing the momentum game, but they played it badly.”
He suggests the problem is that the bankers focused too much on price momentum metrics and not enough on fundamentals. As Grok mentioned* at the bottom of our May 7th piece, “Facebook IPO — retail investors beware”, the Facebook IPO price was always toppy, even at a $90 billion valuation. Now, for what it’s worth (which is not much frankly) at $28 bucks and falling, we are starting to get interested again.
And a postscript: As at about 9.30 am AEST, Facebook is worth $62 billion. That’s less than it valued itself at ($75 billion) when it bought Instagram a little over a month ago. But don’t forget, markets also overshoot on the down.
One final note: Groupon’s early investors are allowed to sell their shares on Friday. Do not stand in between them and the exit sign, it might get ugly. As a spectator though, this could be a lot of fun. (Unless you are holding stock at over $30 bucks.)
*Shameless I-told-you-so plug.
Andrew Birmingham is the CEO of Silicon Gully Investments. Follow him on Twitter @ag_birmingham.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.