Feeds

Flame was scout ahead of Stuxnet attack on Iran nukes - US spooks

Israel blamed for cyberweapons' escape into the wild

Security for virtualized datacentres

Flame was created by the US and Israel in order to collect intelligence on Iranian computer networks as part of the same covert operation that spawned Stuxnet.

Anonymous US officials told the Washington Post that Flame was created as part of of the secret programme codenamed Olympic Games. Flame was designed as a means to map Iranian networks, as part of a reconnaissance mission to map closed computer networks that served as a prelude to the sabotage of systems at Uranium nuclear enrichment facilities carried out by Stuxnet.

The news that the US and Israel were behind Flame follows weeks after a similar confirmation that the two countries cooked up Stuxnet. Neither revelation came as a particular surprise since both strains of malware bore the hallmarks of a state-sponsored attack, cooked up by intelligence agencies or perhaps military sub-contractors rather than anything that might have been developed by either cybercrooks or politically-motivated hacktivists.

Flame was developed around five years ago as part of a classified US-Israeli effort designed to slow down Iran’s nuclear programme, reducing the pressure for a conventional military attack that would undoubtedly inflame tension in the Middle East.

Stuxnet and Flame are both elements of a broader and ongoing cyber-assault, one former high-ranking U.S. intelligence official told the Washington Post. Although Stuxnet and Flame can be countered "it doesn’t mean that other tools aren’t in play or performing effectively," he said.

Key agencies in the development of Stuxnet included the CIA’s Information Operations Center, the NSA and an Israel Defence Forces intelligence formation known as Unit 8200.

However despite working together to develop "cyberweapons" the US and Israel have not always co-ordinated their attacks. The Washington Post sources blame assaults on Iran’s Oil Ministry and oil-export facilities launched by Israel in April for the discovery of Flame. Israel was also blamed for changes in Stuxnet that meant it spread from the compromised laptop of an Iranian nuclear technician onto the internet.

Intelligence agencies from both Israel and the US are also using more conventional spycraft to screw up the supply of hi-tech components necessary to sustain Iran's controversial nuclear program, for example by making sure the high speed centrifuges supplied to the country are often faulty.

Last week, researchers with Kaspersky Lab reported that Flame was created by a group that must have collaborated with whoever created Stuxnet. A component in an early build of Stuxnet appears in Flame as a plugin. Despite this link Stuxnet and Flame are not close relatives. However Stuxnet uses the same programming building blocks as Duqu, another information stealing cyberweapon.

Neither the US or Israel has claimed responsibility for the creation of Duqu, as yet. ®

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Why Oracle CEO Larry Ellison had to go ... Except he hasn't
Silicon Valley's veteran seadog in piratical Putin impression
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.