The failure to protect the Flame code from being reverse engineered may turn out to have been a monumental error.
The discovery of a new species of highly sophisticated malware earlier this week adds another puzzle piece to the contemporary cyberwar battleground. Flame, as it’s called, is a whopper of a program—20 megabytes, the size of a video file, and 40 times bigger than the Stuxnet virus that took down Iranium centrifuges back in 2010. But Flame is not just another cyber weapon—it could greatly expand the scope of nations capable of carrying out cyberattacks.
Flame bears many similarities to Stuxnet. Both are specimens of highly advanced programming and detailed expertise in many specialized areas. Both programs are the products of large teams of experts working hundreds of hours on development and testing. Only a handful of nations have the technical capacity to do this kind of work. The list would include the United States, the UK, Germany, China, Russia, Israel and Taiwan, says Scott Borg, head of U.S. Cyber Consequences Unit, a security consulting firm.
But Flame differs from Stuxnet in many important respects. Whereas Stuxnet was designed for a specific purpose—infiltrating and destroying the centrifuges used in Iran’s nuclear fuel enrichment facility at Natanz—Flame appears to be a general purpose tool for espionage. It has a broad ability to gather data from screenshots or through Bluetooth connections with other devices. Once Flame makes it onto a computer, it begins “sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” says a May 28 report by security firm Kaspersky. It can compress and encrypt the information it captures and hold onto it until it has a reliable Internet connection to send it Flame was apparently targeted to countries in the Middle East—it was showed up mainly in Iran, with infections also in Israel, the Palestinian territories, Sudan and Syria.
via Scientific American – Fred Guteri
The Latest Streaming News: Cyber Warfare updated minute-by-minute