Israel Aided US Government in Developing Flame Virus [VIDEO]
The Israeli military worked with US government agencies to develop one of the most sophisticated computer viruses ever developed, according to a report.
The Washington Post quotes several US and Western officials, who spoke on the condition of anonymity, who claim that Flame was jointly developed by the National Security Agency (NSA), the CIA and the Israeli military.
Last week IBTimes UK reported that a security expert believed the US government was behind the attack, but this is the first time evidence of Israeli involvement has emerged.
Flame, one of the most sophisticated pieces of computer malware ever written, was discovered three weeks ago, following an attack on Iran's Oil Ministry and oil export facilities, which the sources said caused only minor disruption.
However, Flame and its predecessor Stuxnet, may be only the "tip of the iceberg", according to Kaspersky Lab's founder Eugene Kaspersky. One of the sources speaking to the Post agrees:
"This is about preparing the battlefield for another type of covert action," said one former high-ranking US intelligence official, who added that the cyber-sabotage operations continues today. "Cyber-collection against the Iranian program is way further down the road than this."
Discovery of Flame
The attack on the Oil Ministry was initiated by the Israeli side without the knowledge and to the surprise of the US government, and this led to Iranian authorities investigating and ultimately discovering the Flame virus, which had gone undetected in the system for more than two years.
The Iranian government turned to a Russian-based security firm and Hungarian-based cyber-lab according to the sources, for help in discovering just what was going on.
The discovery of Flame was jointly announced by Russian-based security firm Kaspersky Lab and Hungarian-based cyber-lab CrySyS Lab three weeks ago. We have asked Kaspersky for confirmation it was contacted by the Iranian government, and at the time of publication, are still waiting for a response - though they declined to comment according to the Post.
While no country has ever taken responsibility for the Stuxnet attack, the previously most high-profile cyberattack on Iran, it is widely held that the US and Israeli governments were behind that attack too.
Stuxnet, which was discovered only when it was 'accidently' spread to public computers, was a targeted disruption attack which was focused on the Iranian government's Natanz nuclear enrichment plant.
Unlike Flame, whose purpose was to silently map Iranian computer networks and collect and upload data, Stuxnet was designed to disrupt the nuclear program by making 1,000 centrifuges spin out of control, thereby slowing down the process of uranium enrichment.
The same DNA
Last week it emerged that Stuxnet and Flame shared some the same DNA, when it was revealed by Kaspersky Lab that a piece of code from an early version of the Stuxnet malware was identical to a module found in the Flame code.
This meant that at some point in their history, the creators of Flame and the creators of Stuxnet collaborated, which adds more weight to the theory that the US and Israeli governments were involved in both operations.
In order for Flame to spread within the Iranian computer networks, the creators had to create a new method of cracking highly complex - and highly trusted - Microsoft Windows digital certificates.
As well as requiring highly complex mathematics and cryptography, it would also have required a supercomputer, such as the one residing in the NSA's headquarters in Maryland.
Once they hacked into Microsoft's system and were able to create viable fake digital certificates, the creators used these to spread around Iran's computer networks by masquerading as official Windows updates.
Mikko Hypponen, chief research officer at Finnish security firm F-Secure, said last week that attacking an American company like Microsoft was a bad decision, pleading with Barack Obama to : "Stop taking away the trust from the most important system we have, which is Microsoft Windows Updates."
Michael V. Hayden, a former NSA director and CIA director who left office in 2009 said what Flame was trying to do by remaining in the background was a lot more difficult than what Stuxnet was doing:
"It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage."
Hayden declined to discuss any operations he was involved with during his time in government.
© Copyright IBTimes 2024. All rights reserved.