The Flame virus has been described as both the most sophisticated spyware yet and the successor to Stuxnet. Now anonymous government insiders say that both it and Stuxnet are the part of American and Israeli operations against Iran.
Stuxnet hit the headlines in 2010 as it emerged the virus was custom-designed to attack a specific piece of equipment in the Iranian nuclear program. The virus was long suspected to be the work of a nation state, and anonymous government sources recently reported it was authorised by the Obama administration.
Flame, uncovered earlier this year, stands out in two ways. Firstly it operates on a modular approach, taking a base of code and then updating itself with sections of code for specific tasks as and when they are needed. This makes tracking the virus more difficult as different machines have different combinations of code modules.
Secondly, Flame takes a comprehensive approach to data gathering, with everything from keyloggers and screenshots to webcam monitoring and even sound recordings.
Security analysts have said that not only does the timing and similarities in code suggest Flame came from the same source as Stuxnet, likely as a back-up plan, but that it is so sophisticated that it must also be the work of a nation state.
According to a ” former high-ranking U.S. intelligence official” quoted anonymously by the Washington Post this week, that is indeed the case. Not only is Flame the work of the US and Israel, days the source, but it’s part of a wider program: “Cyber-collection against the Iranian [nuclear] program is way further down the road than this.”
The newspaper also reports several sources that say Flame only came to public attention after a blunder by Israel, which had diverted it to attack Iran’s oil industry without US knowledge.
That the two national governments could be responsible shouldn’t really be a surprise given the complexity of the attacks and the targets. But if the claims are true, it may be very hard for the US and Israel to claim the moral high ground when, for example, complaining about hacking by the Chinese government. Indeed, there may even be an argument for Stuxnet and Flame to be considered an act of war.