Where you were when you heard the news of Osama Bin Laden's death will probably be one of those moments that will live in your memory forever. I was watching baseball when my son called to ask why the president was giving a Sunday night press conference. That was around 10:15 p.m. ET, and I spent the next couple of hours flipping between various news channels, Twitter, Facebook and the baseball game.
Like millions of others around the world, I felt relieved but concerned about what this means for national security. It's a very different world since 2001, after all. Maybe it is because I spend so much time thinking and writing about information security that I thought as much about a Stuxnet-type of attack as I did a bomb attack.
I wasn't surprised to find an email this morning from Zscaler, warning of people who will take advantage of Bin Laden's death, just like they take advantage of any other major world event. Not surprisingly, Bin Laden's death is being used as a way to spread malware. As Zscaler's Michael Sutton posted on his blog:
Within hours of the announcement of Osama Bin Laden's death, we are already seeing malicious sites emerge to capitalize on the news. One Spanish language site displays a purported photo of a murdered Osama Bin Laden and includes a story about the US led operation. Farther down the page, the reader is presented with a Flash Player window with a message indicating that the user must first update a VLC plugin, which is a popular media player, in order to view the video. When the user clicks on the link, they will download a file titled XvidSetup.exe. This file is actually a popular adware tool known as hotbar. At present, 19 of 41 antivirus engines are blocking the file.
As I try to wrap my brain around the news of the past 12 hours - of the past week, really - one thought keeps coming to mind: The desk sergeant from "Hill Street Blues," sending cops out for their day's work and saying, "Be careful out there."