According to a report in the Washington Post, unlike Stuxnet, the latest malware identified appears to be used solely for espionage. (1)
Whilst the espionage computer virus has been variously named Flame, Skywiper and Flamer – Flame being the most consistent – its size and potential damage are much more certain, with numerous reports agreeing that the new virus is the largest and possibly most complex piece of malware ever discovered.
Reports suggest that it is state-sponsored. (2)
State Intelligence Most Likely Responsible for Flame
As with the Stuxnet worm, the identity of those responsible for creating Flame remains a mystery. However, due to the sophistication of the virus, which is loaded with functions, many researchers are suggesting that either Israel or the United States (or both) are responsible for Flame.
Some analysts are even stating that because the characteristics of Stuxnet and Flame are so similar, it is likely that whoever created Stuxnet is also behind Flame.
As Roel Schouwenberg, a senior researcher with Kaspersky Lab, a Russian cybersecurity company, told the Washington Post following an analysis of Flame:
“It’s very likely it’s two teams working effectively on the same program but using two very different approaches.” (3)
The sophisticated spyware is said to be 100 times the size of the most malicious spyware, and according to a report in the Daily Mail, several cyber experts deem the Flame computer virus too sophisticated to have been created anywhere other than the U.S.
Some analysts point the finger at the highly secretive National Security Agency. (4)
The report goes on to state that Marco Obiso, the UN security chief, moved to highlight the severity of the situation after it was revealed that the spyware had been used to hack computers in the Middle East, including Iran, Sudan, Lebanon and Saudi Arabia.
However, the Moscow-based Internet security firm, Kaspersky Lab ZAO, has helped fuel the idea that the Flame virus is part of an Israeli-backed campaign of computer sabotage aimed at Iran.
The Daily Mail points out that while Israel has done little to dispute the claim, some believe the nation does not have the capacity to launch such a cyber-attack.
Accusations that it “must be” the U.S. are backed up with little evidence, and, feeling under no obligation, U.S. officials have declined to comment on the Flame virus.
What does remain clear, however, is that Iran remains a primary target for the most complex piece of malicious computer software to date. As Roger Cressey, computer expert and former chief of the President’s Critical Infrastructure Protection Board under George W. Bush, told NBC News:
“Whoever has developed this is engaged in very sophisticated intelligence-gathering on computer networks throughout the region. Clearly Iran is a top priority for this program.” (5)
Cyber Attack Making Iranian Officials Paranoid
The same NBC report talks of how the Iranian President, Mahmoud Ahmadinejad, announced that the work Kaspersky Lab has carried out has helped Iran uncover the infection and remove it from the centrifuge control program.
Similar to Stuxnet, viruses such as Flame not only affect the targeted program, but they also aim to make Iranian officials “paranoid”.
According to NBC, Flame has succeeded in making Iran “paranoid” by forcing Iranian officials to speculate over security, and raising concerns in government circles about whether or not rivals of Iran know about the “intricacies” surrounding Iranian decision making.
These ‘decisions’ may not necessarily relate solely to the Iranian nuclear program, but also to other sensitive issues that may be of importance to the U.S. and the West. (6)
Its creators, capabilities and aims may remain a mystery. Computer software experts and analysts around the world may continue to speculate on the origins of the malware.
However, one thing about Flame is certain – the nature of this software is evidence that malware is now a potent weapon for intelligence organizations. The world has entered a new dawn of cyber espionage and sabotage.