Flame Malware Was The Brainchild Of CIA, NSA And Israeli Military
June 20, 2012

Lawrence LeBlond for redOrbit.com

Flame malware, a sophisticated program that infected numerous computers in the Middle East and was first discovered by researchers at Kaspersky Lab, was jointly created by the Central Intelligence Agency (CIA), the National Security Agency (NSA), and the Israeli military to sabotage Iran's nuclear program, officials familiar with the matter have confirmed, according to the Washington Post.

The newspaper cited “Western officials with knowledge of the effort” as saying the malware was designed to spy on Iran's computer networks and use the information gathered as part of an ongoing cyber-warfare campaign.

The cyber-warfare campaign against Iran's nuclear program has also included the use of the Stuxnet virus that caused malfunctions in Iran's nuclear enrichment equipment, according to the Post.

Officials with the CIA and NSA confirmed to Reuters that the US government actively played a role in creating the Flame virus. Because the virus was more of an intelligence-based “collection” program than a virus meant to sabotage computer systems, it required less-strict US legal review than past cyber-warfare campaigns the country has been involved in, experts told Reuters.

There has been speculation that Washington was involved in the development of Flame, but the collaborative efforts between the US and Israel had not been previously confirmed. Kaspersky and Symantec both found that Flame contained some of the same code as Stuxnet, and said the overlap in DNA-like evidence indicated that the two viruses came from the same creators.

“We are now 100 percent sure that the Stuxnet and Flame groups worked together,” said Roel Schouwenberg, a senior researcher for Kaspersky.

The CIA, NSA and Israeli Embassy in Washington have so far declined to comment on the matter.

The virus was discovered last month by researchers at Kaspersky Lab in Russia, after Iran detected cyber-attacks on its Oil Ministry and oil export facilities.

“The virus penetrated some fields – one of them was the oil sector,” Gholam Reza Jalali, an Iranian military official, told the country's state radio at that time. “Fortunately, we detected and controlled this single incident.”

Still, Flame is the most complex computer spying program ever discovered. It was designed to spy on Iran's nuclear program while camouflaged as a routine Microsoft software update. The virus went undetected for several years, using a sophisticated program to crack an encryption algorithm.

“This is not something that most security researchers have the skills or resources to do,” Tom Parker, chief technology officer for FusionX, a security firm that specializes in simulating state-sponsored cyberattacks, told Post reporters Ellen Nakashima, Greg Miller and Julie Tate.

He said he does not know who is behind the virus, but, “you'd expect that of only the most advanced cryptomathematicians, such as those working at NSA.”