Monday, June 11, 2012

The Smoke Over Flame: Who Is Behind Super Cyber Spy Tool?



Cyber security experts around the world are racing to dissect Flame, the largest cyber espionage program ever discovered, as clues in the code and vague statements from Western officials fuel speculation as to whether the U.S. or Israel may be behind what researchers are calling a potential game-changer in the burgeoning arena of cyber warfare.

The existence of Flame, an unprecedented intelligence-gathering program designed to track and record basically everything an infected computer does, was disclosed Monday by two international cyber security firms as well as the Iranian government, which said Flame had been discovered on its networks.

One of the firms, Kaspersky Lab, reported the malware had been discovered in several countries in the Middle East, mostly in Iran, and had been operating for at least two years. Kaspersky Lab, along with a Hungarian cryptology lab called CrySyS that also analyzed Flame, said that because of the expertise, time and funding required to create such a large and sophisticated program, it was likely some government agency had created the malicious code, rather than a group of cyber criminals or rogue hackers.

Clues in the code, such as the names of processes like "Beetlejuice" and "Platypus," led some experts to believe it could have been written by native English speakers, but others pointed out that English is a common coding language in many countries.