SUBSCRIBE
114
0
Security

Flame was intelligence-gathering tool for Stuxnet

John E Dunn
The Flame cyber-weapon was part of an intelligence-gathering operation designed to aid separate more physically disruptive attacks, the Washington Post has reported anonymous US officials as saying.
 
If accurate this would posit Flame as the software that made more than one version of Stuxnet (discovered before Flame but now forensically connected to it) the effective tool it turned out to be when wielded against systems at Iran’s nuclear enrichment facility in Natanz.
 
Flame was so successful at its reconnaissance role that it probably furnished Iran’s enemies, including co-developer Israel, with enough data to attack a wide range of other targets, including a mysterious one reported on the country’s main oil terminal as recently as April.
 

“This is about preparing the battlefield for another type of covert action,” the newspaper reported the U.S. official as saying. “Cyber-collection against the Iranian program is way further down the road than this [Flame],” confirming that operations were ongoing.

“It [Flame] doesn’t mean that other tools aren’t in play or performing effectively,” the official reportedly said.

Normally, newspaper reports such as this would be part of the stream of interesting speculation of the sort that has appeared from time to time since Stuxnet’s discovery almost two years ago.

That U.S. officials seem to be queuing up to claim responsibility for a cyberweapon most people already believe was the work of the U.S. suggests that the administration is complimenting software war with a psychological counterpart.

The cover blown, the U.S. might now be making the best use of Flame as a warning to Iran of its intent, capability and ingenuity.

As several analyses have pointed out, that capability is significant, featuring a large number of different modules, at least five zero-day exploits over time, and an innovative attack on the encryption used to secure Microsoft certificates as a way of compromising the Windows Update system.
 

The role of Israel and other countries remains less clear. According to the Washington Post report, Israel used the same Flame independent of U.S. direction during the oil terminal attack, which suggests a looser and less disciplined modus operandi than officials have tried to project.

In the U.S., the revelations about the apparent cyber-weapons program have already been dismissed by Senator John McCain as part of an attempt by President Barrack Obama to portray himself as being tough on Iran.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

John E Dunn
John E Dunn
Previous article
Cisco patches VPN vulnerabilities
Next article
Google Apps admins can now force two-step sign-in

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...
Read more

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...
Read more

Related Tech News

Tech Jobs

Subscribe to our Newsletter

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

SUBSCRIBE

Tech Companies Hiring Right Now

Popular Stories This Week

ITWC Network

Follow Us

©

2024

IT World Canada. All Rights Reserved.

SUBSCRIBE