US-"Israeli" Flame Virus To Spy, Sabotage Iranian Computers
The powerful Flame computer virus is not only capable of espionage but it can also sabotage computer systems and likely was used to attack Iran in April, according to a leading security company, Symantec Corp.
Iran had previously blamed Flame for causing data loss on computers in the country's main oil export terminal and Oil Ministry. But prior to Symantec's discovery, cyber experts had only unearthed evidence that proved Flame could spy on conversations on the computers it infects and steal data.
Symantec researcher Vikram Thakur said on Thursday that the company has now identified a component of Flame that allows operators to delete files from computers, which means it can cause critical programs to fail or completely disable operating systems.
"These guys have the capability to delete everything on the computer," Thakur said. "This is not something that is theoretical. It is absolutely there."
Flame was deployed at least five years ago and is the most sophisticated cyber spying program ever discovered. Researchers have been racing to better understand its capabilities ever since Moscow-based Kaspersky Lab uncovered Flame last month after the security firm was asked by a United Nations agency to look for a virus that Iran said had sabotaged its computers, deleting valuable data.
Last week, researchers at Kaspersky Lab linked some of the software code in Flame to the Stuxnet cyber weapon, which was widely believed to have been used by the United States and "Israel" to attack Iran's nuclear program. Symantec later also said "Stuxnet and Flame shared some code."
Current and former US and Western national security officials told Reuters this week that the United States played a role in creating Flame. The Washington Post reported that "US and "Israel" jointly developed Flame and used it to collect intelligence to help slow Iran's nuclear program."
Iran complained about the threat of cyber-attacks again on Thursday, saying it had detected plans by the United States, "Israel" and Britain to launch a "massive" strike after the breakdown of talks over Tehran's nuclear activities.
If Symantec's conclusions are validated, that means Flame could be used as a weapon to attack computers that run critical infrastructure systems, including dams, chemical plants and manufacturing facilities, security specialists said.
Boldizsár Bencsath, an expert on cyber warfare with Hungary's Laboratory of Cryptography and System Security, said there was at least a 70 per cent chance that Flame was used to attack Iran in April.
"Of course it can be used for sabotage," said Bencsath, who began investigating Flame several weeks before it was first reported to the public. "It may have been used to attack critical infrastructure and it may be used in the future."
Neil Fisher, vice president for global security solutions at Unisys, said Symantec's findings - if verified - mean that Flame could be "highly dangerous."
"Many of our utilities have connected their operational management to the Internet to save costs," he said.
"Water, gas, electricity certainly constitute the critical national infrastructure," he added. "Dysfunction of those ... systems could have uncomfortable consequences for a large number of people."
Source: News Agencies, Edited by moqawama.org
