All three forms of malware have infiltrated computer systems belonging to the Islamic Republic of Iran, among other countries, and the latest—the Flame—allegedly possesses both espionage and sabotage capacities. Around the world, as computer labs offer analyses, and news reports cite political sources, few people are actually expressing doubts about the mastermind behind the latest bug.
In all likelihood, it’s Israel, the U.S., or both.
“Anyone who sees the Iranian threat as a significant threat—it’s reasonable [to assume] that he will take various steps, including these, to harm it,” Israel’s Vice Minister and Minister of Strategic Affairs Moshe Ya’alon ominously told an Israel Army Radio interviewer on Tuesday, according to Tablet. “Israel was blessed as being a country rich with high-tech, these tools that we take pride in open up all kinds of opportunities for us.”
“The country that brought us Iranian nuclear assassinations, explosions at Iran missile bases, and Stuxnet, is at it again,” Richard Silverstein wrote more bluntly on Israel’s Tikun Olam Web site, according to The New York Times.
Aside from Iran, the Palestinian Territories, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt were also affected by the virus.
And according to Russia’s Kaspersky Lab, which first detected the virus and announced its activity to the world on Monday, the Flame “may be part of a parallel project created by contractors who were hired by the same nation-state team that was behind Stuxnet and its sister malware, Duqu.” Israel is widely believed to have been behind the construction of both of those viruses.
In terms of espionage, experts at the Russian internet security company found that the Flame can transfer files, audio recordings, screenshots, instant messaging (IM) conversations and keystrokes from infected systems. Because it is operated by a remote source, experts have had difficulty tracking the Flame’s activity.
“[The Flame] does not operate independently, but is controlled by a remote computer, and thus only when it receives an order does it start working,” Ilan Proimovich, Kaspersky’s representative in Israel, told Army Radio, according to Haaretz. “For this reason, it is difficult to detect, because it is not always active.”
He called the Flame a “masterpiece of programming.”
The newly discovered bug shares a number of characteristics with Stuxnet, the virus discovered in 2010 that primarily targeted Iranian computers. According to Tehran, Stuxnet had damaged centrifuges operating at the Natanz uranium enrichment facility. Duqu, Stuxnet’s cousin, which is capable of gathering data rather than destroying it, surfaced in September 2011.
But experts say the Flame’s recent infections were purportedly far greater in scope than those of earlier viruses. Over 600 targets—including individuals, businesses, academic institutions and government systems—fell prey to the worm, Haaretz quoted Kaspersky’s chief malware expert Vitaly Kamluk as having told the BBC.
Kamluk conjectured the malware had been operational since August 2010.
“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” added Eugene Kaspersky, CEO and co-founder of Kaspersky. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.”
Symantec, another Internet security firm, said the virus has also infected systems in Hungary, Austria, Russia, Hong Kong and the United Arab Emirates, according to Haaretz. But word from Iran confirmed reports that the regime had bore the brunt of the damage.
“Large amounts of data were corrupted and lost” as a result of the Flame, Tehran said earlier this week, according to Yediot Acharonot. And the regime’s leaders wasted little time in pointing fingers at the Zionist regime.
“Top Israeli officials all but admitted that they have created the most complex spyware in history,” they said.
At around the same time that the Flame was being discovered, Israel announced its intent to invest an additional $13 million in “national cyber defenses,” according to Israel Today.
The Flame was discovered at the same time that Wiper, another computer virus, was allegedly making its way through Iran’s computers and erasing programs. The International Telecommunications Union, a United Nations agency, asked Kaspersky researchers to look into Wiper when they uncovered the extent of Flame’s damages, according to The Times.
Though Iran’s allegations, precedent, and Ya’alon’s words seem to hold Israel responsible for the Flame, the Vice Minister modified his remarks on Twitter shortly after he was interviewed Tuesday.
“There are several countries in the West with vast technological capabilities that view Iran, and particularly a nuclear Iran, as a significant threat,” he wrote on his Twitter page. “These countries are probably capable of dealing in cyber warfare.”