“Flame”..Massive cyber-attack discovered..Iran “finds fix”..UN cyber war alert
A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said.
Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010.
The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.
They described Flame as “one of the most complex threats ever discovered”.
Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.
They had been investigating another malware threat, known as Wiper, which was reportedly deleting data on machines in western Asia.
In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.
Others like Duqu have sought to infiltrate networks in order to steal data.
This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.
“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.
More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.
Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.
The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.
Iran says it has developed tools that can defend against the sophisticated cyber attack tool known as Flame.
The country is believed to have been hit hard by the malicious programme which infiltrates networks in order to steal sensitive data.
Security companies said Flame, named after one of its attack modules, is one of the most complex threats ever seen.
Iran says its home-grown defence could both spot when Flame is present and clean up infected PCs.
A United Nations agency says it is poised to issue its “most serious” cyber security warning about the risk of the Flame computer virus, which was recently discovered in Iran and other parts of the Middle East.
“This is the most serious warning we have ever put out,” said Marco Obiso, cyber security coordinator for the UN’s Geneva-based International Telecommunications Union (ITU), which is charged with helping member nations secure their national infrastructures.
The confidential warning will tell member nations that the Flame virus is a dangerous espionage tool that could potentially be used to attack critical infrastructure, Mr Obiso said.
“They should be on alert,” he said.
“I think it is a much more serious threat than Stuxnet.”
The warning is the latest signal that a new era of cyber warfare has begun, following the 2010 Stuxnet virus attack that targeted Iran’s nuclear program.
Mr Obiso said he believed Flame was probably built on behalf of a nation state.
thanks to eggins10 for the link..
i know i am a suspicious sort of guy but the timing here is convenient, as the world discusses handing control of the internet to the UN owned ITU..i think this all part of it..flame, stuxnet.. whatever..its a game of fear and cpntrol and regulation..”we need the ITU to fix the net”.. I can see the headline now..