Another day, another leak about a classified national security program. Gosh, it’s enough to make a person think that someone’s doing this intentionally!
The Washington Post reports that the United States and Israel co-developed the so-called Flame virus (Kaspersky Labs, the major Russian security firm, gave it that name), which has superseded Stuxnet as the latest “face” of cyberwarfare. Flame, which has some code in common with Stuxnet and was apparently developed five years ago (making it the older of the two), is extraordinarily complex. It can “activate computer microphones and cameras, log keyboard strokes, take screen shots, extract geolocation data from images, and send and receive commands and data through Bluetooth wireless technology.” It replicates and spreads itself across networks and hides as an anodyne-looking software update.
The article should be taken with some skepticism, if only because, since this is based on leaked classified information and off-the-record interviews with national security officials, the U.S. government, and the Obama administration, are hoping to push a particular narrative. Knowing that they can’t deny Flame’s existence, the administration has decided, as they did with Stuxnet, to take credit for it. Moreover, they wish to show that the U.S. and Israel are partners and that the Obama administration will pursue shadowy, nondiplomatic means to thwart Iran’s nuclear program. (Those programmers are tough!)
“This is about preparing the battlefield for another type of covert action,” said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today. “Cyber-collection against the Iranian program is way further down the road than this.”
Whether this is true, we can’t really know—at least not until the next Kaspersky Labs report or the next controlled leak. Still, it’s fair to assume, based on what we’ve learned about Stuxnet and Flame, and about the resources being devoted to cyberwarfare by the NSA, CIA, Mossad, and related entities, that this isn’t the end of the line for Western cyber-espionage against Iran.
Even so, one would think that the Obama administration isn’t happy that the Iranians discovered this sophisticated, resource-intensive piece of malware, even if there are other such weapons in reserve. And reading between the lines of the Post’s report, you can detect some notes of displeasure. For example, the article claims that Flame was discovered by Iran based on a series of attacks against the oil industry that Israel directed without consulting their American partners. This fits the traditional narrative that the Americans and Israelis are enthusiastic partners, but the Israelis tend to go off the reservation and do things without telling their Yankee friends.
All of this makes for a fascinating installment in the sub-Ludlum tale that is American-Israeli cyber-espionage. And for America’s politicians—who care more about apportioning credit and blame than most anything else—this latest report will surely feed into the nascent investigation into classified leaks, rather than cause any concerted debate over the consequences of this still untested form of warfare.