Update | By: Carissa Wyant
Several U.S. and Western officials, speaking on condition of anonymity in early June, confirmed that the launch of the Flame computer virus was directed by Israel in a unilateral operation, which was surprising to American intelligence.
Heralded as the first sustained case of cyber-sabotage against a U.S. adversary, the effort is believed to have involved cooperation from the National Security Agency, the CIA and Israel’s military. A high-ranking U.S. intelligence official told the Washington Post, “This is about preparing the battlefield for another type of covert action. Cyber-collection against the Iranian program is way further down the road than this.” The official also said that both Flame and Stuxnet were part of a broader assault that continues today.
Reports indicate that the Flame virus masqueraded as a routine Microsoft software update, operating undetected for years.
(MintPress) — “This is the most serious [cyber] warning we have ever put out,” Marco Obiso, cyber security coordinator for the UN’s Geneva-based International Telecommunications Union (ITU), said of the “Flame” computer virus this week.
The virus, which was discovered in Iran and other parts of the Middle East is being heralded as a dangerous espionage tool that could potentially be used to attack critical infrastructure, and nations across the globe are being put on high alert by the UN, which circulated a confidential memo about its potentially destructive capabilities.
It has been speculated that both the U.S. and Israel, who were suspects in creating a similar virus in 2010, may have been involved with the creation of the new virus.
Flame virus targets Iran
Iran’s key oil industry was briefly affected by the the Flame virus Tuesday. According to a senior Iranian military official, the virus has unprecedented data-snatching capabilities and can eavesdrop on computer users, the Associated Press reports.
The virus is capable of activating a computer’s audio systems to listen in on Skype calls or office chatter. It can also take screenshots, log keystrokes and lift data from Bluetooth-enabled cellphones.
Computers in Iran appear to have been particularly affected by the virus, as well as those in Israel, the Palestinian territories, Sudan, Syria and other parts of the region.
Kaspersky Lab, a Russian cyber security software maker consulted by the ITU, was credited with discovering both viruses. Kaspersky has said the Flame virus’ “complexity and functionality exceed those of all other cyber menaces known to date,” Rueters reported.
“I think it is a much more serious threat than Stuxnet,” Obiso told the news service.
The agency plans to set up a program to collect and analyze data, including virus samples. It will track the spread of the virus and observe any changes in its composition.
The virus was discovered after the ITU asked Kaspersky to investigate reports it fielded from Tehran of a mysterious virus linked to massive data losses on some Iranian computer systems.
Flame virus compared to Stuxnet virus of 2010
Iran’s Computer Emergency Response Team Coordination Center has said the newly discovered virus is potentially more harmful than the 2010 Stuxnet virus. Stuxnet, regarded by experts as the largest act of cyber-sabotage in world history, destroyed several centrifuges used for Iran’s nuclear enrichment program.
Experts have said that the Flame virus was likely built on behalf of a nation state – likely the same nation or nations that commissioned the Stuxnet.
Iran has maintained that its nuclear program aims to produce fuel for civilian nuclear power, however, countries like the U.S. and Israel have expressed concern that Iran is seeking to develop nuclear weapons.
Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, said of the Stuxnet attack in May of last year, “We’re glad they [the Iranians] are having trouble with their centrifuge machine and that we – the U.S. and its allies – are doing everything we can to make sure that we complicate matters for them,” according to The New York Times.
Stuxnet was likely a joint project between America and Israel. “By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British,” the paper reported.
Iran says problems remedied
Iran has said that the damage from the Flame virus has been contained and that the oil industry was the only government body seriously affected by the bug.
Gholam Reza Jalali, who heads an Iranian military unit in charge of fighting sabotage, told state radio, “This virus penetrated some fields. One of them was the oil sector. Fortunately, we detected and controlled this single incident. We could also retrieve the information that was lost.”
Ali Hakim Javadi, Iran’s deputy Minister of Communications and Information Technology, was quoted by the official IRNA news agency as saying that the country “has produced an anti-virus capable of detecting and removing the Flame for the first time in the world. The anti-virus software was delivered to selected organizations in early May.”
When asked about involvement with the incident, Israeli Vice Premier Moshe Yaalon told Army Radio Tuesday, “Whoever sees the Iranian threat as a significant threat is likely to take various steps, including these, to hobble it. Israel is blessed with high technology, and we boast tools that open all sorts of opportunities for us.”