Tuesday, June 19, 2012

The New Attack On Iran By Israel and America....the "Flame" Malware

First it was Stuxnet, the computer worm that plagued the nuclear software programming for the Iranians' nuclear facilities and now, the latest computer weapon, one apparently developed and delivered by the Israelis and Americans, has been put into action against Iran's oil industry - this new weapon, a piece of malware is called "Flame."

And I think it's pretty darn cool.   :)

From the article at The Telegraph:

Last week similarities were discovered between the coding of Flame, a piece of Malware disguised as a Microsoft software update, and Stuxnet, a virus previously launched on Iran's nuclear infrastructure.

“This is about preparing the battlefield for another type of covert action,” one former high-ranking US official reportedly told The Washington Post. “Cyber collection against the Iranian programme is way further down the road than this.”

The CIA, NSA and Office of the Director of National Intelligence, as well as the Israeli embassy in Washington, did not comment on the newspaper's report.

Earlier this month it was reported that those responsible for the Flame and Stuxnet cyber-attacks ‘cooperated at least once’ in the early stages of their development, according to Russian security company Kaspersky Lab.

What we haven't really heard in all of this is just how devastating this has all been to the Iranians - we all know how widespread the estimates are of the Iranians' nuke capabilities and progress so it's hard to judge but one has to believe that significant delays have taken place and at the same time, one has to hope that we and the Israelis have a whole train of these computer weapons lined up ready to continue the assault.



Flame virus 'created by US and Israel as part of intensifying cyber warfare'


Last week similarities were discovered between the coding of Flame, a piece of Malware disguised as a Microsoft software update, and Stuxnet, a virus previously launched on Iran's nuclear infrastructure.

“This is about preparing the battlefield for another type of covert action,” one former high-ranking US official reportedly told The Washington Post. “Cyber collection against the Iranian programme is way further down the road than this.”

The CIA, NSA and Office of the Director of National Intelligence, as well as the Israeli embassy in Washington, did not comment on the newspaper's report.

Earlier this month it was reported that those responsible for the Flame and Stuxnet cyber-attacks ‘cooperated at least once’ in the early stages of their development, according to Russian security company Kaspersky Lab.

The new findings reveal that the teams shared source code of at least one module prior to 2010. “What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected,” said Alexander Gostev, Chief Security Expert at Kaspersky Lab.



The new found connection concerns a special module known as ‘Resource 207’ that was found in earliest known version of Stuxnet, created in 2009 but was later removed from the 2010 version. ‘Resource 207’ has a lot in common with the code used in Flame.

Resemblances include the names of mutually exclusive objects, the algorithm used to decrypt strings, and similar approaches to file naming. Furthermore, the primary function of ‘Resource 207’ was to distribute the Stuxnet infection from machine to another through removable USB drives. The code which is responsible for distribution of malware using USB drives is completely identical to the one used in Flame.

However despite the newly discovered facts, Mr Gostev remains confident that Flame and Stuxnet originate from completely different platforms, used to develop multiple cyber-weapons.

“They each have different architectures with their own unique tricks that were used to infect systems and execute primary tasks. The projects were indeed separate and independent from each other.”

A recent New York Times investigation has suggested that President Obama, in cooperation with the Israelis, has consistently ordered sophisticated cyber attacks on the computer systems that run Iran’s main nuclear enrichment facilities. The programme became public in the summer of 2010 due to a programming error and soon became known as Stuxnet.

Kaspersky Lab’s recent discovery of the link between Stuxnet and Flame opens the way for allegations that once again, the USA and Israel are behind a cyber attack on Iran. The Israeli government have distanced themselves from any such accusations despite an interview in which a minister appeared to back the attacks. The UN’s head of telecommunications Dr Hamadoun Toure labelled the New York Times investigation as ‘speculation’ whilst refuting any US responsibility for Flame.

No comments: