GO ISRAEL!!!THE “FLAME’ UNTO NATIONS FLUMMOXES IRAN

http://www.israelhayom.com/site/newsletter_article.php?id=4508

U.N. International Telecommunications Union: Flame virus is the most powerful espionage tool ever to target countries • Iranians blame Israel, admit their computers have been affected • “Unfortunately, the Israelis are very powerful in the field of IT.”

Iran on Tuesday admitted that the computers of high-ranking officials had been attacked by a software virus and accused Israel of responsibility for cyberattacks on Iranian computer systems by means of the Flame malware.

The admission came as the U.N. agency responsible for regulating the internet warned that the Flame virus is the most powerful espionage tool ever to target countries.

This is the most serious warning we have ever put out,” said Marco Obiso, cybersecurity coordinator for the U.N.’s Geneva-based International Telecommunications Union.

The formal warning will tell member nations that the Flame virus is a dangerous espionage tool that could potentially be used to attack critical infrastructure, he said. “They should be on alert.” The warning is the latest signal that a new era of cyberwarfare has begun following the 2010 Stuxnet virus attack that targeted Iranian nuclear installation computers.

He said the ITU would set up a program to collect data, including virus samples, to track Flame’s spread around the globe and observe any changes in its composition.

Moscow-based Kaspersky Lab ZAO said the Flame virus was unprecedented both in terms of its size and complexity, possessing the ability to turn infected computers into all-purpose spying machines that can even suck information out of nearby cell phones. On its blog, Kaspersky called Flame “the most sophisticated cyberweapon yet unleashed.”

“This is on a completely different level,” Kaspersky researcher Roel Schouwenberg said in a telephone interview Tuesday. “It can be used to spy on everything that a user is doing.”

Kaspersky Lab said it found the Flame infection after the ITU asked the Russian company to investigate recent reports from Tehran that a mysterious virus was responsible for massive data losses on some Iranian computer systems.

So far, the Kaspersky team has not turned up the original data-wiping virus that they were seeking and the Iranian government has not provided Kaspersky a sample of that software, Obiso said.

Flame is the third major cyberweapon discovered in the past two years, and Kaspersky’s conclusion that it was crafted at the behest of a national government fueled speculation that the virus could be part of an Israeli-backed campaign of electronic sabotage aimed at archrival Iran.

So far, Flame appears focused on espionage. The virus can activate a computer’s audio systems to eavesdrop on Skype calls or office chatter, for example. It can also take screenshots, log keystrokes, and — in one of its more novel functions — steal data from Bluetooth-enabled cellphones.

A unit of the Iranian communications and information technology ministry said it had produced an anti-virus capable of identifying and removing Flame from its computers.

“Its encryption has a special pattern which you only see coming from Israel,” Kamran Napelian, an official with Iran’s Computer Emergency Response Team told The New York Times. “Unfortunately, they are very powerful in the field of IT.”

Officials in Tehran took remarks made Tuesday by Vice Prime Minister and Minister of Strategic Affairs Moshe (Bogie) Ya’alon as proof of Israel’s link to the virus.

Ya’alon told Army Radio, “Those who view Iran as a significant threat are likely employing various means, including this one, to attack it.”

He added, “Israel has been blessed with elite technology, and these tools that we pride ourselves in open up all sorts of options for us.”

The official Iranian news agency Fars said on Tuesday that “Israel’s Deputy Prime Minister Moshe Ya’alon acknowledged the Zionist regime’s cyberwar attack on Iran, including developing malicious software to damage sensitive Iranian data and computers.”

Iranian Foreign Ministry spokesman Ramin Mehman-Parast also addressed the issue and hinted at Israeli involvement in the virus. “Some countries and illegitimate regimes are used to producing viruses,” he was quoted by FARS as telling reporters on Tuesday, in comments that FARS noted “are seen as a clear reference to Israel.”

International media took the spokesman’s comment on “illegitimate regimes” as a reference to Israel, since the regime in Tehran does not recognize Israel’s right to exist.

“Such acts of cyberwar would not damage Iran’s computer systems,” Mehman-Parast said, despite earlier Iranian claims that a great deal of information was lost because of the virus.

While Iran was quick to blame Israel for the malware, in his interview to Army Radio, Ya’alon later said, “I reckon it is certainly reasonable that everyone who sees in the Iranian threat a significant threat — and that is not just Israel, but all of the Western world, led by the United States — is resorting to all means available, including these, in order to harm the Iranian nuclear project,”

Iranian officials involved in information security and tasked with confronting the virus admitted on Tuesday that Flame appears to be more dangerous than the Stuxnet worm, which was discovered two years ago after it infected Iranian computer systems connected to the country’s nuclear program.

Kaspersky Lab, a Russian-based multinational computer security company that discovered the virus, said Monday that the new virus was one of the most malicious and complex viruses ever concocted. They surmised that Flame had been written at the behest of the same country that had unleashed the Stuxnet virus and the similar Duqu virus.

After Kaspersky cracked Flame’s encryption code, several anti-virus software manufacturers released updated versions of their products which are now able to scan computers, detect Flame and remove it.

Information security experts believe that Flame’s sophisticated encryption took several years and was not the work of amateurs

 

Comments are closed.