Was Flame super-virus created in the US? Cyber weapon threatening to cripple entire nations has ‘hallmarks of the NSA’
- Cyber experts: Spyware too sophisticated to have come from anywhere else
PUBLISHED: 07:54 EST, 30 May 2012 | UPDATED: 08:06 EST, 30 May 2012
The Flame computer virus which is threatening to bring countries to a standstill is too sophisticated to have been created anywhere other than the U.S., it was claimed today.
As the United Nations prepares to issue its ‘most serious warning’ to guard against the superbug, cyber experts said it carried all the markings of a U.S. espionage operation.
Specifically, they have pointed the finger at the highly secretive National Security Agency.
UN computer security chief Marco Obiso moved to highlight the gravity of the situation after it emerged the bug had been used to hack into computers in Iran.
The sophisticated spyware – said to be about 100 times the size of most malicious software – also hacked other machines in the Middle East, including Sudan, Saudi Arabia, Lebanon and Egypt.
Mr Obiso said the warning will underline the danger the virus represents to the critical infrastructure of member nations.
The conclusion by Moscow-based internet security firm Kaspersky Lab ZAO that it was crafted at the behest of a national government fuelled claims that Flame was part of an Israeli-backed campaign of electronic sabotage aimed at archrival Iran.
While Israel has done little to dispute the claims, some believe they do not have the capacity to launch such an attack.
‘It was (the) U.S,’ one anonymous official told NBC News, although they conceded that they had no first-hand knowledge about how the virus operates or how it was fed into Iranian computers.
Another observer, computer security expert Roger Cressey, said the target would likely be Iran’s nuclear program and its decision-making apparatus if indeed the virus was the work of the U.S.
‘Whoever has developed this is engaged in very sophisticated intelligence-gathering on computer networks throughout the region.
FLAME 100 TIMES MORE COMPLEX THAN TYPICAL HACKING VIRUS
Flame is the most complex piece of malicious software discovered to date, according to experts at Moscow-based Kaspersky Labs, which discovered the virus.
It is the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran’s nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.
The Trojan bug has about 100 times as much code as a typical virus designed to steal financial information.
It can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.
Russian cyber company Kaspersky Labs said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, a ‘trojan horse’ program which was detected in industrial systems earlier this year.
‘Clearly, Iran is a top priority for this program,’ said Cressey, a former chief of staff of the President’s Critical Infrastructure Protection Board under George W. Bush.
Kaspersky Labs said there was evidence to suggest the code used to create Flame was commissioned by the same nation or nations behind the Stuxnet virus which attacked Iran’s nuclear program in 2010.
Stuxnet, suspected of being created by the U.S. and Israel, was inserted into the Iranian centrifuge center at Natanz, causing the motors controlling the uranium centrifuge to wobble instead spinning as they should, officials said.
But unlike Stuxnet, Flame is designed to steal information rather than sabotage it and can even turn on microphones on infected PCs to listen to conversations.
This, U.S. officials say, will make the Iranians ‘paranoid’ about whether their enemies have uncovered sensitive decision-making information about the country’s nuclear programme, which many believe is geared towards producing an atomic weapon.
U.S. intelligence officials declined to comment on the Flame virus.
The U.S. is an acknowledged leader in cyber defence.
The U.S. Army maintains more than 50 ‘cyber ranges’ – hi-tech facilities built by defence company Northrop Grumman, where military networks can be tested against threats such as viruses in a ‘safe’ environment.
The facilities use hi-tech computer equipment to simulate cyber attacks on a large scale – such as attacks on entire power grids.
The country is less open about the offensive – ‘black’ – versions of such facilities, but several high-ranking U.S. officials have admitted that the country is considered to be the world leader in ‘cyber weapons’.
Computer security expert Ralph Langner, who ‘unravelled’ the Stuxnet virus, said that the weapon was ‘designed by the CIA’.
Earlier this week, Iran’s National Computer Emergency Response Team posted a security alert saying it believed Flame was responsible for ‘recent incidents of mass data loss.’ It also claimed an antidote had been found.
The discovery of the Flame virus came just days after talks between Iran and six world powers in Baghdad failed to persuade Tehran to freeze uranium enrichment.
A new round of talks is expected to take place in Moscow next month.