The recent Stuxnet, Flame and CA compromises involving Comodo and DigiNotar had three common elements, each was government sponsored, each involved Iran and all three involved a PKI compromise. The presenter will share experience of dealing with the Iranian attack, highlighting the ways in which government sponsored attacks are very different from both 'ordinary' criminal attacks and the Hollywood view of 'cyberwarfare'.