“Someone might argue that it’s good we failed to find these pieces of code. Most of the infections occurred in politically turbulent areas of the world, in countries like Iran, Syria and Sudan. It’s not known exactly what Flame was used for, but it’s possible that if we had detected and blocked it earlier, we might have indirectly helped oppressive regimes in these countries thwart the efforts of foreign intelligence agencies to monitor them.
But that’s not the point. We want to detect malware, regardless of its source or purpose. Politics don’t even enter the discussion, nor should they. Any malware, even targeted, can get out of hand and cause “collateral damage” to machines that aren’t the intended victim. Stuxnet, for example, spread around the world via its USB worm functionality and infected more than 100,000 computers while seeking out its real target, computers operating the Natanz uranium enrichment facility in Iran. In short, it’s our job as an industry to protect computers against malware. That’s it.”