A highly sophisticated computer virus is infecting computers in Middle Eastern and North African countries. It appears to have been at least five years ago. Is this state-sponsored cyber espionage?
Kaspersky Lab, a Russian cyber-security software maker, said it discovered the virus, dubbed Flame, after a U.N. telecommunications agency asked it to analyze data on malicious software across the Middle East in search of the data-wiping virus reported by Iran.
According to Kaspersky Lab, there is evidence to suggest that the virus resembles the Stuxnet worm that attacked Iran's nuclear program in 2010.
If Kaspersky's findings are validated, Flame could go down in history as the third major cyber weapon uncovered after Stuxnet and its data-stealing cousin Duqu, named after the Star Wars villain.
Hungarian researcher Boldizsar Bencsath, whose Laboratory of Cryptography and Systems Security first discovered Duqu, said his analysis shows that Flame may have been active for at least five years and perhaps eight years or more.
That implies it was active long before Stuxnet.
"It's huge and overly complex, which makes me think it's a first-generation data gathering tool," said Neil Fisher, vice president for global security solutions at Unisys Corp. "We are going to find more of these things over time."
Others said cyber weapons technology has inevitably advanced since Flame was built.
"The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now," Mohan Koo, managing director of British-based Dtex Systems cyber security company.
Some experts speculated that the discovery of the virus may have dealt a psychological blow to its victims, on top of whatever damage Flame may have already inflicted to their computers.
"If a government initiated the attack it might not care that the attack was discovered," said Klimburg of the Austrian Institute for International Affairs. "The psychological effect of the penetration could be nearly as profitable as the intelligence gathered."
Source: http://www.reuters.com/article/2012/05/28/net-us-cyberwar-flame-idUSBRE84R0E420120528
Source: http://www.computerworld.com/s/article/9227524/Researchers_identify_Stuxnet_like_malware_called_Flame_?taxonomyId=85
Source: http://www.pcmag.com/article2/0,2817,2404951,00.asp
Source: http://edition.cnn.com/2012/05/28/business/iran-cyberwar-tehran/index.html
Source: http://www.zdnet.com/blog/btl/flame-most-complex-cyber-attack-ever-discovered/78325
