Hardly had the memories about the Flashback Trojan and Stuxnet virus faded, as Kaspersky sounded yet another big security alarm. One of the world's largest anti-virus companies posted yesterday a detailed report about Flame, a new super-malware program raging on Middle-East computers. According to Alexander Gostev, one of the Kaspersky leading specialists, Flame 'pretty much redefines the notion of cyberwar and cyberespionage', bringing them to a new sophistication level.
Those of you who have played CoD: Modern Warfare games may think that the state-of-the-art military technologies are something that makes people like you and me turn into mobile death machines, wreaking havoc all around them. However, it's not quite true. Actually, it's completely wrong: the cutting-edge military is all about the IT. Many military experts believe that most future wars will be dominated by hackers: those who will be able to bring enemy machines to a halt first will be the winners.
This point was provided with ample evidence last Fall, as the notorious Stuxnet virus attacked the Iranian industrial infrastructure and led to serious problems with Iran's nuclear program. According to the reports by the Guardian, the BBC, and the New York Times, after analyzing the operational mode and code of Stuxnet, many anti-virus experts came to an unambiguous conclusion that the virus had been developed by a nation-state. All other possible malware sources simply did not dispose of sufficient human and material resources to bring about a virus that sophisticated. This fact was assessed by many as a sign that military-purpose malware has ripened enough to become a powerful warfare instrument.
And it looks like Stuxnet was only the beginning. Now, the Malware Hall of Fame has been replenished with Flame, a new virus, greatly surpassing all the world has seen so far. The scale of Flame astonishes: if Kaspersky report is something to believe, the malware comprises almost 20 Mb of modules, including compression and database manipulation libraries, as well as a LUA (least user access) virtual machine. The new super-virus is capable of almost everything modern malware is purposed for: it can steal your data, change your computer settings, make screenshots of your system, make up chat conversation logs, and even switch on your microphone in order to record your talks. Kaspersky has not commented on whether there are any potentially destructive features in Flame (like those in Stuxnet).
There's is no definite evidence regarding the connection between Stuxnet and Flame, as the two programs have no major similarities. Still, there are indications that the developers of Flame had access to the same exploits as the authors of Stuxnet. Kaspersky, however, cautiously assumed that it 'would position Flame as a project running parallel to Stuxnet'.
Flame first surfaced on numerous Middle-East computers, primarily in such countries as Iran, Palestine, and Sudan. The scale and complexity of the threat made the UN's ITU (International Telecommunication Union) resort to Kaspersky's help in analyzing Flame. The IT-security company has come to the conclusion that the only possible way to explain how the sophisticated Trojan came into being is that it was sponsored by a nation-state, just as Stuxnet was. Even though Kaspersky refrained from making any specific suggestions concerning Flame's possible country of origin, its evidently high development costs narrow down the possible suspects range to the well-off Western countries. Among the most likely sponsors of Flame are Israel and the USA, the two countries having the most tense relationships with Iran, the primary goal of the attack.
Update: 1. The Israeli prime-minister Moshe Ya’alon has given the world reasons to believe it could be Israel who stands behind the Flame attack. "Israel is blessed as being a country rich with high-tech, these tools that we take pride in open up all kinds of opportunities for us," the PM said in his interview to the Army Radio.
2. According to persistemnt rumours floating on the Web, UN is planning to release a major warning about the Flame virus as the malwre poses a serious threat to the international security.