By Jerome Socolovsky
The Flame computer virus unleashed in Iran and other Middle Eastern countries is being described as unusually large and powerful. Some experts, though, are questioning the seriousness of the threat.
A Russian-based computer security firm, Kaspersky Lab, found that the Flame virus could record keystrokes, capture screenshots, and record conversations using microphones built into computers.
The greater part of the infected computers were in Iran.
“We think that this is one of the rare examples of (a) cyber weapon, and it actually illustrates the fact that there are some cyber warfare operations going on there secretly,” said Vitaly Kamluk, Kaspersky’s chief malware expert.
Flame is much larger than the 2010 Stuxnet virus, which is believed to have shut down uranium enrichment facilities in Iran. As with that virus, suspicions now point to Israel and the U.S. But no one has claimed responsibility, and the Iranian government said this week it has produced an antivirus program that stops Flame.
James Lewis, of the Center for Strategic and International Studies, said the new virus was a collection of existing cyberespionage tools.
“What Flame was was somebody took a lot of existing techniques, and glued them all together, which are kind of fun. But none of this is what you call cutting edge stuff,” said Lewis.
Kaspersky’s investigation was commissioned by the International Telecommunications Union. Russia wants the U.N. agency to extend its regulatory authority to the Internet.
And Lewis suspects the Moscow-based company is helping in that effort.
“Kaspersky entered into an agreement with the ITU, first to do some sort of global cybersecurity project, and second the ITU asked Kaspersky to look for malware in the Middle East, and that’s how they found Flame. Boy, that’s a strange set of coincidences when you line them up,” he said.
The ITU’s 193 members will meet later this year in Dubai. And viruses like Flame will surely be part of the debate over how the Internet should be governed.