Risky Business #205 -- Who's the real Shady RAT?

How a McAfee "research paper" turned into a media circus...
05 Aug 2011 » Risky Business

On this week's show we're taking a look at the most devastating state sponsored planet melting, child eating APT the world has ever seen... according to Gizmodo it's the BIGGEST CYBER ATTACK IN HISTORY.

Ummm... actually no, it's a fairly unsophisticated botnet comprising of 70 targeted infections.

It seems like the tech guys and analysts at McAfee did some interesting work in seizing control of a small botnet, then the salesbots, marketroids and public relationamatrons got their hands on it and spun it way out of perspective. The result? The media describing a fairly run-of-the-mill spooky botnet as the end of the world.

We'll be joined by Searn Duca of McAfee -- a very nice chap -- to have a chat about some of the detail of the so-called operation Shady RAT, which to me, seems more like operation shady AV vendor sales and marketing pitch. The media has spun this one way out of control, much, I'm sure, to the delight of the PRs at McAfee and the irritation of the wider infosec industry!

Also in this week's show we're joined by Marcus Ranum in the sponsor interview. Marcus is, of course, Tenable Network Security's CSO, and he joins me to discuss the US military's new cyber warfare doctrine -- you know, the one that explicitly states the US can use kinetic retribution in the event of a cyber attack.

So, like, doesn't that mean Iran can go and air-strike US nuclear refineries now? Heh... heh... yeah. :'( Marcus joins us to discuss that toward the end of the show -- that's actually a really interesting chat.

We're also joined by Adam Boileau, as usual, to go over the week's news headlines.