STUXNET TO FLAME – Heating up the Cyber Battlefield

img_2377143_620A computer worm discovered in June 2010 revealed to the world the potential of cyber warfare.

Moving from spying to sabotaging autonomous industrial systems STUXNET was designed specifically to utilize vulnerabilities in the Microsoft windows to target Siemens Software and Equipment running a Uranium Enrichment Facility in Iran.

60% of STUXNET effected computers were inside Iran which showed to the world how malware can be used to target specific geographic locations.

STUXNET was designed to target SIEMENS software and Equipment, the designers of the software knew what hardware and software the malware would be looking to destroy. The malware STUXNET was able to inflict a sizeable blow to the nuclear program of Iran, sizeable enough that Iran publically had to admit that its systems had been hit.

Kaspersky Lab has recently claimed responsibility for discovering an even more comprehensive Malware which has been named “FLAME, Skywiper, and Flamer.A”, a discovery Kapersky made while it was investigating reports of a virus affecting Iranian Oil Ministry computers.

Experts at Kaspersky Lab claim that FLAME has a lot of resemblance with STUXNET and they deploy the same method of spreading which is generally by infecting and utilizing USB’s and Local Networks; in fact it is highly likely that it was developed by the same team which developed STUXNET and is being utilized by the same country that launched STUXNET.

Iran’s National Computer Emergency Response Team said that FLAME might be linked to recent cyber attacks that were responsible for massive data losses on some Iranian computer systems.

Although FLAME has resemblance with STUXNET but experts are saying that FLAME is more advanced form of STUXNET. The FLAME virus contains 20 times more code than STUXNET. FLAME can remotely gather data files from your computer, can help the host remotely change settings on an effected computer, turn on PC microphones to log or record conversations, take screen shots and log instant messaging chats. The virus can even log activity on the computers Bluetooth device.

The malware currently is built around 20 different modules most of which analysts do not even know what they might be used for and are nominating FLAME as the world’s most complete & comprehensive cyber spying toolkit to date.

Experts at Kaspersky lab are estimating that FLAME has been operational for the last 5 to 8 years which points towards this very scary question that if this was the capability of the malware 5 years ago what an advanced version of FLAME would be capable of today. The creators and controllers of the virus utilized a network of more than 80 servers across the globe to remotely access infected machines.

Uncovering of FLAME clearly indicates that National Security and security of commercial, industrial and even nuclear assets might not be as safe as we think. In reality cyber warfare has added a whole new dimension to this scenario, clearly showing the world how technologically advanced countries can utilize their knowledge superiority to attack other countries using methods or platforms where legal jurisdiction is loose.

In simpler words dismantling a countries nuclear program by utilizing FLAME or STUXNET would be more feasible in comparison to taking out a countries nuclear program with a full scale military strike. The political, economical and social implication of doing the latter is greater, carries more consequences and has far more repercussion.

Flame Virus

Pakistani Cyber users need to be aware of this ever evolving threat, although Flame was reported to have been targeting Middle Eastern countries it is highly likely that computers in Pakistan might also be infected.

There is also high possibility that this Malware might have already infected our military and industrial networks because we do not have any mechanisms, labs to asses these kinds of threats.

Pakistan being the only Muslim Nuclear power in the world makes it an even more inviting target for such attacks therefore it is the need of time that authorities and individuals in Pakistan start considering this form of warfare as a threat and respond to it in an appropriate manner.