Flame malware, created by US government, could wreck critical infrastructure
J.D. Heyes
One such scientist is Eugene Kaspersky, whose security lab recently discovered the suspected U.S. and Israeli-generated Flame virus that has been used to attack computers in Iran and elsewhere. He says there should be an immediate global effort designed to stop what he calls "cyber terrorism."
"It's not cyber war, it's cyber terrorism and I'm afraid it's just the beginning of the game [...] I'm afraid it will be the end of the world as we know it," he told reporters at a cyber security conference in Tel Aviv recently. "I'm scared, believe me."
NaturalNews.com reported earlier that Kaspersky's lab believes the development of the Flame virus was linked to the Stuxnet virus, which was also used against Iran in an attack aimed at the country's suspected nuclear weapons complex in 2010.
"We are now 100 percent sure that the Flame and Stuxnet groups worked together," Roel Schouwenberg, a senior researcher at Russia-based Kaspersky Lab, said during a press conference. "The fact that the Flame group shared their source code with the Stuxnet group shows they cooperated at least once."
"We believed that the two teams only had access to some common resources, [but] that didn't show any true collaboration," Schouwenberg continued, in an interview with ABC News. "However, now it turns out that the Stuxnet team initially used Flame to kickstart the project. That proves collaboration and takes the connection between the two teams to a whole new level."
Several nations capable of developing lethal malware
Over the past several months officials in the U.S. have become more frank about the work the United States and Israel did developing Stuxnet, which was deployed to high effect against Iran's Natanz nuclear enrichment installation because, though Tehran denies it, Washington and Tel Aviv say the Islamic republic is developing nuclear weapons.
Cyber security experts say Flame is one of the most sophisticated malicious software (malware) codes that has been discovered thus far. And while many firms are still examining the virus, most experts believe it was released to specifically infect computer systems in Iran and in rival regimes across the Middle East.
Kaspersky said the U.S., Britain, Israel, Russia, China and perhaps India, Romania and Japan are all nations capable of developing that kind of complex software, though he would not say which nation he thought was behind Flame.
When asked whether he believed Israel was part of the solution or the problem behind the rising incidence of cyber warfare, Kaspersky said, "Both."
"Flame is extremely complicated but I think many countries can do the same or very similar, even countries that don't have enough of the expertise at the moment. They can employ engineers or kidnap them, or employ 'hacktivists'," he said.
Cyber warfare - cyber terrorism - is only growing, he added.
"These ideas are spreading too fast. That cyber boomerang may get back to you," he said.
The cyber security expert noted that governments must cooperate to stop the kind of attacks that have so far occurred on several nations' computer infrastructure, much as they have cooperated to stop the spread of nuclear, biological and chemical weapons. And, he said, operating systems should be redesigned.
The more lethal malware could already be out there
"Software that manages industrial systems or transportation or power grids or air traffic, they must be based on secure operating systems. Forget about Microsoft, Linux, Unix" - which are used throughout the U.S. and the West to operate power plants, water treatment facilities, etc., Kaspersky said.
That's going to be the only way to protect computer infrastructure from sabotage or attack, he said.
On a dour note, the security expert seemed to say other, more dangerous and lethal viruses, could already be out there, since malware programs like Stuxnet and Flame have limited lifespans.
"It's quite logical that there are new cyber weapons designed and maybe there are computers which are infected," he said, according to Reuter.
Israel Defense Minister Ehud Barak also attended the conference and voiced agreement that cooperation on an international level was needed to contain cyber warfare threats.
"The damage you can save yourself from proper defense may be more than what you achieve through the offensive action, though both aspects exist," he said.
The New York Times reported in early June that President Obama ordered the Stuxnet attack on Iran intensified after the virus accidentally escaped Iran's Natanz plant, citing a cyber warfare operation initiated by the George W. Bush administration and code-named "Olympic Games."
Sources for this article include:
http://www.naturalnews.com/z036246_Flame_malware_malicious_code.html