Flame Malware Joint U.S., Israeli Attack on Iran’s Nuclear Program: Report

The story of the Flame continues to take more twists and turns, as a report has surfaced tying the malware to a joint cyber-effort between the United States and Israel.

According to The Washington Post, Flame was developed five years ago as part of an initiative code-named Olympic Games that was designed to disrupt Iran’s nuclear ambitions. That initiative has also been linked to the creation of Stuxnet, which was recently exposed as a collaborative development project involving U.S and Israeli intelligence and military services.

The revelation comes a week after researchers at Kaspersky Lab reported they found a direct link between Flame and Stuxnet. According to Kaspersky, the main module in Flame contains code similar to what was found in an early version of Stuxnet.

“The existence of a link reinforces a point that was already known: Both the opportunity and the motivation exist for extremely sophisticated actors to target critical systems,” said Francis Cianfrocca, chief executive officer at Bayshore Networks, in an interview with eWEEK.

While Stuxnet was designed to sabotage centrifuges, Flame is a cyber-espionage toolkit that comes with a variety of capabilities, including the ability to record audio, take screenshots and capture keyboard activity. The malware’s complexity has been a popular subject of discussion among security researchers, particularly as revelations emerged that it used a forged digital certificate as part of a man-in-the-middle attack that leveraged Microsoft’s Windows Update feature to infect computers on a local network. The malware also spreads through infected USB sticks.

€œIt is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage,€ Michael V. Hayden, a former National Security Agency director and Central Intelligence Agency director who left office in 2009, told The Washington Post. He declined to discuss any operations he was involved in during his time in government.

The scale of the espionage and sabotage effort €œis proportionate to the problem that€™s trying to be resolved,€ a source described as a former high-ranking intelligence official told The Washington Post, in reference to Iran’s nuclear program. The official also said that while Stuxnet and Flame infections can be countered, €œit doesn€™t mean that other tools aren€™t in play or performing effectively.”