The United States and Israel jointly developed the Flame virus, which collected intelligence for a cyber-attack on Iran’s nuclear program. This has been confirmed by a number of Western officials familiar with classified data on the effort.
The CIA, the National Security Agency (NSA) and the Israeli military were all involved in developing malware to sabotage Iran’s nuclear program, the officials confirmed.
“This is about preparing the battlefield for another type of covert action,” noted one official, as quoted by The Washington Post. “Cyber-collection against the Iranian program is way further down the road than this.”
Experts say Flame was designed to replicate even on highly secure networks. It allowed its creators to monitor the infected computer, activate microphones and cameras, take screenshots, log keyboard strokes, extract geolocational data from images and send and receive commands via Bluetooth wireless technology.
The virus came to light last month, when Iran detected cyber-attacks on its Oil Ministry and oil export facilities.
“The virus penetrated some fields — one of them was the oil sector,” Gholam Reza Jalali, an Iranian military official told the country’s state radio at that time. “Fortunately, we detected and controlled this single incident.”
Some US officials were unsatisfied with the attack. They say it was the result of a unilateral decision by Israel, which failed to consult its American partners on the move.
Russian cyber-security firm Kaspersky Lab, which branded the virus “Flame,” later discovered that parts of malware’s code were identical to that of Stuxnet, a virus the development of which the US government had previously been suspected by other officials tied with the cyber-sabotage program.
Kaspersky Lab concluded that the same group was responsible for the creation of both viruses.
“We are now 100 per cent sure that the Stuxnet and Flame groups worked together,” said Roel Schowenberg, a senior researcher for the company.
Earlier, officials said President Barack Obama okayed the continuation of the cyber-warfare program, dubbed “Operation Olympic Games.” That program was initiated under the Bush administration and also included Israel, The New York Times reported. The revelation pointed to the fact that the United States was directly responsible for the development of Stuxnet, a virus that targets software and equipment produced by Siemens. Iran uses covertly obtained Siemens technologies for its nuclear enrichment facilities.
Stuxnet, a name that was coined by antivirus researchers, was discovered two years ago after it caused almost 1,000 centrifuges to spin out of control at Iran’s Natanz uranium-enrichment plant. The damage occurred gradually, and many Iranian experts originally believed it came as a result of incompetence.
Both the CIA and the NSA are involved in the development of malware, senior officials say. The CIA’s Information Operations Center, the agency’s second largest center, specializes in infiltrations of computers that involve spies or unwitting contractors. Some of these penetrations involve virus infection and contagion.
The NSA is more advanced in its cyber-warfare tactics, and has expertise in developing malware and spyware to hamper Iran’s nuclear enrichment program.