Developing and operating such a professional malware campaign is extremely expensive and requires resources beyond those of everyday cybercriminals. The cost of developing and maintaining such a malicious framework is colossal: we estimate it to be around $50 million.
“Duqu 2 shares a lot of the code base of the original Duqu, which leads Symantec to believe it has been created by the same group of attackers. Duqu, in turn, shares much of the code base of Stuxnet, widely believed to have been jointly developed by the US and Israel as part of the US government’s covert operation Olympic Games.
Considering the US is unlikely to have spied on its own negotiations in Tehran, that increases the suspicion that Israel was involved in Duqu 2’s creation.
Attribution in cyberattacks is notoriously difficult and at this level of sophistication is almost impossible and Israel will never admit to the use and/or creation of Duqu 2. What has been the response to Duqu 2 attack?
Eugene Kaspersky is not very happy:
Governments attacking IT security companies is simply outrageous. We’re supposed to be on the same side as responsible nations, sharing the common goal of a safe and secure cyberworld. We share our knowledge to fight cybercrime and help investigations become more effective. There are many things we do together to make this cyberworld a better place. But now we see some members of this ‘community’ paying no respect to laws, professional ethics or common sense.”
(Via.) International Business Times