At the New York Times, Thomas Erdbrink reported on the latest cyberattack on Iran via a virus known Flame. “Iran’s Computer Emergency Response Team Coordination Centre,” he writes, “fears that it’s potentially more harmful than the 2010 Stuxnet virus. … In contrast … the newly identified virus is designed not to do damage but to secretly collect information from a wide variety of sources.”
At Asia Times Online, Pierre Klochendler elaborates:
“Flame can easily be described as one of the most complex threats ever discovered. Big and incredibly sophisticated, it redefines the notion of cyber-war and cyber-espionage,” Alexander Gostev posted on the Securelist blog of Kaspersky Labs, the company that uncovered the worm. Gostev is head of the firm’s Global Research and Analysis Team.
Meanwhile, reports Erdbrink, an Iranian cyber defense official said, “‘Its encryption has a special pattern which you only see coming from Israel,’ … While Israel never comments officially on such matters, its involvement was hinted at by a top official there.”
It’s curious that Iran hasn’t obviously retaliated to the cyberattacks, killings of nuclear scientists, and sabotage of imported nuclear components, much of which seems to have been perpetrated by Israel. Klochendler reports on one possible reason.
“Iran’s brush with Duqu and disastrous encounter with Stuxnet prove that the Islamic Republic is, indeed, lacking in the field of cyber-security,” [Assaf Turner, chief executive officer of the Israeli-based Maya Security company] asserted on the Israeli news site YNet.
But, at NPR, Tom Gjelten reports.
“[The Iranians] have all the resources and the capabilities necessary to be a major player in terms of cyberwarfare,” says Jeffrey Carr, an expert on cyberconflict who has consulted for the U.S. Department of Defense.
Furthermore, writes Gjelten:
Sanctions imposed on Iran by the U.S. and its allies are so severe as to constitute a form of economic warfare. … Under the circumstances, could the Iranians be tempted to consider a cyberattack on the U.S.?
“There is a great deal of worry in terms of what they may be able to do if they’re pushed to the brink,” says cybersecurity researcher Dmitri Alperovitch. “If they believe the regime is threatened, if they believe they’re about to be attacked, [they may consider] how can they employ cyberweapons, either to deter that attack or to retaliate in a way they can’t do militarily.”
How long can Iran be expected to sit back and take it? It’s ironic that it’s suffering the sanctions and attack at a time when it not only seems to have halted terrorist operations on foreign soil — but has no nuclear-weapons program.
Cross-posted from the Foreign Policy in Focus blog Focal Points.
I know the attack on DigiNotar was nothing compared to Flame and Stuxnet, but does it not count for anything?
The DigiNotar attack wasn’t a state sponsored attack. It was a case of a single entity (DigiNotar) having poor security practices, and getting compromised, likely by another individual.