"It should be made clear that Linux.Wifatch is a piece of code that infects a device without user consent and in that regard is the same as any other piece of malware," said Symantec. "It should also be pointed out that Wifatch contains a number of general-purpose back doors that can be used by the author to carry out potentially malicious actions." There is one simple solution to rid yourself of the malware though: reset your device
DARPA is putting $36m to fund the Leveraging the Analog Domain for Security (LADS) Program (PDF). The agency is looking for proposals for "enhanced cyber defense through analysis of involuntary analog emissions," including things like "electromagnetic emissions, acoustic emanations, power fluctuations and thermal output variations." At the root of the program is frustration and a lack of confidence in digital monitoring and protection technologies developed for general purpose computing devices like desktops, laptops and servers.
The information security community's focus on "defense in-depth" approaches to cyber defense are ill suited for embedded systems because of cost, complexity or resource limitations. Even if that were possible, DARPA notes that "attackers have repeatedly demonstrated the ability to pierce protection boundaries, exploiting the fact that any security logic ultimately executes within the same computing unit as the rest of the (compromised) device software and the attacker's code."
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown. Right now, Watts said, 'states bite at one another’s ankles in a way to impede progress or to harass them,' but 'as for the likelihood of a major cyber war, I would rate it pretty low.'
Cyber armageddon may be extremely unlikely, but the many attacks below the level of formal armed conflict have still extracted a staggering price, in both economic and political terms. ... For starters, cyber-arms control is effectively hopeless. There’s no point, experts say, in trying to contain the spread of offensive cyber technology. Instead, the best hope for international law is to focus on reducing the incentives for malicious behavior."