Jun 21 2012

And to no one’s surprise …

… it is revealed that the US and Israel were behind the latest Flame computer malware (along with the earlier Stuxnet malware) that was used to wage cyber warfare against Iran.

The United States and Israel jointly developed a sophisticated computer virus nicknamed Flame that collected intelligence in preparation for cyber-sabotage aimed at slowing Iran’s ability to develop a nuclear weapon, according to Western officials with knowledge of the effort.

Flame was designed to do all this while masquerading as a routine Microsoft software update; it evaded detection for several years by using a sophisticated program to crack an encryption algorithm.

“This is not something that most security researchers have the skills or resources to do,” said Tom Parker, chief technology officer for FusionX, a security firm that specializes in simulating state-sponsored cyberattacks. He said he does not know who was behind the virus. “You’d expect that of only the most advanced cryptomathematicians, such as those working at NSA.”

Time for Tom Gjelten of NPR to give another one of his reports warning of the danger to the US of cyberwar being waged by other countries, and for the US government to warn that such an attack on the US would constitute an act of war.

Because double standards are now the norm.

7 comments

  1. 1
    Improbable Joe, bearer of the Official SpokesGuitar

    But but but… worldwide Muslim takeover of the West! We have to defend ourselves! At least we didn’t chop off their heads!

    “Do as I say, not as I do” and “at least we’re not as bad as the worst thing” and “might makes right” are not what most people would describe as the pinnacle of ethical standards, yet that seems to be what we aspire to these days.

  2. 2
    kagerato

    I find it completely laughable that anyone would use Microsoft software in a high-profile security-critical application like nuclear engineering. There’s simply no feasible way to audit the amount of code and data that ships with Windows. Nor is there any reasonable means to eliminate the enormous amount of garbage you don’t use in there.

    Apparently the actual malware was delivered the old fashioned way (physically, by inserting a flash device or some other storage), rather than through the internet. They weren’t quite dumb enough to connect the machines to the internet.

    One way or the other, I will definitely take industrial sabotage over bombing countries we don’t like to tiny bits. Even though we would almost certainly regard similar behavior as an act of war if done to us. (-_-)

  3. 3
    Dunc

    Double standards have always been the norm.

  4. 4
    jamessweet

    Yeah, once it became clear they had managed to pull off the MD5 exploit, I figured it had to be a state actor, and since the target was Iran, I was figuring US. You need too much computing power to pull off that exploit.

    I’m not quite so disturbed by this… it seems to me there is a difference between cyber-espionage and cyber-warfare, and this seems to be pretty clearly a case of the former (i.e. there was no intent to disrupt infrastructure, only to gather information). It’s pretty much accepted that countries spy on each other, right? I mean, it’s relatively uncontroversial that we are spying on Iran (and half our frikkin’ allies, for that matter), right? So this really isn’t any worse, in my mind…

    Actual sabotage of another country’s infrastructure would be another story, though…

  5. 5
    theschwa

    If having standards is good, then double standards must be twice as good, right?

  6. 6
    Marcus Ranum

    Yeah, once it became clear they had managed to pull off the MD5 exploit, I figured it had to be a state actor

    It was clear that it was a state actor, and some of us were laying odds it was the US, back in the fall of last year. The reason was because Stuxnet included information about the layout of the gas centrifuge cascade at Natanz; information that is not exactly on the Iranian nuclear agency’s facebook page. It also did destructive changes to the centrifuges, which were Pakistani-built RP-1s (I’ve never found an adequate explanation of how Iran got Pakistani centrifuges but presumably it was from aqkahn.com) the only “spare” RP-1s in the world were in Oak Ridge, TN – the ones that the Libyan regime turned over to the US “for destruction” when they halted their nuclear program.

    BTW, that was one hell of a bait and switch we played on Muammar, huh? :/

  7. 7
    Marcus Ranum

    PS – there’s a more in-depth explanation here:
    http://fabiusmaximus.wordpress.com/2011/09/29/29291/
    That was from late 2011. I’m depressed to see that I was 100% correct. :/
