When the news about the
Flame malware first broke several weeks ago, people from all parts of the security community, political world and elsewhere quickly began trying to figure out what the significance of the tool was and whether it represented anything new. That was difficult at the time, given the lack of data on its exact capabilities and parentage. But, with the information available to us now, it seems safe to say that Flame has changed the way that many people think about the threat landscape and the way attackers work, not just in the security community but in the political arena, as well.
What and how you think about Flame and its younger sibling Stuxnet depends largely on your position in security or political community as well as your history with these kinds of attack tools in the past. By that I don't mean whether you've been hit by
Stuxnet or
Duqu, but rather how you experienced the drama, hype and reality surrounding those attacks. For some people, the emergence of Stuxnet was the first time they saw hard evidence of a professional attack team with nation-level resources going after high-value targets. The target in that case was the Iranian Natanz nuclear facility, which immediately raised speculation that either Israel or the United States was behind the attack.
