Flame Virus Developed by US and Israel
Sophisticated virus created to prepare for cyber-sabotage of Iran’s nuclear program
A sophisticated computer virus nicknamed “Flame” was jointly developed by Israel and the United States in order to slow down Iran’s ability to develop nuclear weapons, according to Western officials.
The virus was designed by both countries to collect intelligence in preparation for cyber-sabotage of Iran’s nuclear program, according to a report by the Washington Post.
The report cited unnamed Western officials with knowledge of the effort, saying it involved collaboration by the National Security Agency, the CIA and Israel’s military. None of the agencies would comment on the development.
Flame secretly mapped and monitored Iran’s computer networks and transferred a steady stream of intelligence to prepare for a cyber-warfare campaign, the officials told the Post.
The effort involved the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear-enrichment equipment.
Flame has been described as both the most sophisticated spyware yet and the successor to Stuxnet, according to tech.blorge.com. Stuxnet gained worldwide prominence in 2010 when it emerged as a virus custom-designed to attack a specific piece of equipment in the Iranian nuclear program.
There was suspicion that Stuxnet was the work of a specific nation-state, and anonymous government sources recently reported it was authorized by the Obama administration.
Flame differs from Stuxnet in two ways, the tech site reports. It operates on a modular approach, taking a base of code and then updating itself with sections of code for specific tasks when they become necessary. Tracking the virus is very difficult because different machines have various combinations of code modules.
Flame also takes a comprehensive approach to data gathering, using keyloggers, screenshots, sound recordings and webcam monitoring methods.
The timing and similarities in code suggest that Flame came from the same source as Stuxnet, according to security analysts, who say it was likely used as a back-up plan and is so sophisticated that it must also be the work of a particular nation-state. Experts described the overlap as DNA-like evidence that the two sets of malware were parallel projects run by the same entity, the Post reported.
The virus hid in computer operating systems as a routine Microsoft software update and has reportedly been infiltrating computer systems for the last five years. Sources say it evaded detection for so long by using a sophisticated program to crack an encryption algorithm.
But last month, when Iran detected a series of cyber-attacks on its oil industry, Flame finally found itself in the public eye. The disruptive attack on Iran's oil industry was a unilateral operation carried out by Israel that caught the US off-guard, according to the Post, which received the information from several US and Western officials speaking on the condition of anonymity.
“This is not something that most security researchers have the skills or resources to do,” said Tom Parker, chief technology officer for FusionX, a security firm that specializes in simulating state-sponsored cyber-attacks. “You’d expect that of only the most advanced cryptomathematicians, such as those working at NSA.”
Cyber-attacks on Iran’s nuclear program initially began under the George W. Bush administration but have increased under the Obama administration, according to the New York Times.