The U.S. and Israel jointly developed the computer virus Flame, to collect intelligence as part of efforts to slow down Iran's nuclear weapons program. Flame monitored Iran's computer networks and sent back intelligence needed for a cyberwarfare campaign.
The Washington Post reports that the revelation was made by "Western officials with knowledge of the effort." The sources said that the effort involved the National Security Agency, the CIA and Israel's military. It involved the use of destructive software such as the Stuxnet virus to cause Iran's nuclear-enrichment equipment to malfunction.
Reuters reports that because Flame was an intelligence collection virus and not a cyberwarfare program designed to sabotage computer systems, its use required less stringent U.S. legal and policy review.
Flame was designed to collect information while presenting as a routine Microsoft software update. It evaded detection by using a program to crack an encryption algorithm, The Washington Post reports.
RT reports that experts say Flame was designed to replicate even on highly secure networks. The virus allowed it creators to monitor infected computer, "activate microphones and cameras, take screenshots, log keyboard strokes, extract geolocational data from images and send and receive commands via Bluetooth wireless technology."
According to The Washington Post, the US-Israel joint effort is thought to be the first sustained campaign of cyber-sabotage by the U.S. against an opponent.
A former senior U.S. intelligence official said: “This is about preparing the battlefield for another type of covert action. Cyber-collection against the Iranian program is way further down the road than this.” The official said that Flame and Stuxnet "were elements of a broader assault that continues."
Flame was discovered last month after Iran detected cyberattacks against its oil industry, The Washington Post reports.
The attack was allegedly directed by Israel. According The Washinton Post, several U.S. and Western officials who spoke in anonymity said the Israeli move was unilateral and the U.S. was caught off-guard. RT reports that Gholam Reza Jalali, an Iranian military official, told the country's state radio that "the virus penetrated some fields — one of them was the oil sector. Fortunately, we detected and controlled this single incident.”
There were speculations that the U.S. was involved in the development of Flame when the virus first came to light, but it was not known or suspected that the U.S. might have collaborated with Israel to develop the virus. Suspicions that the U.S. was involved in the development of Flame arose after it was found that it shares some code in common with Stuxnet, widely believed to have been used by the United States and Israel to attack Iran's nuclear program. According to Reuters, Kaspersky Lab and Symantec Corp linked some of the software code in the Flame virus to the Stuxnet computer virus.
The Telegraph reports that earlier in the month, the Russian security company Kapersky Lab, reported that those responsible for the Flame and Stuxnet cyber-attacks "cooperated at least once" in the early stages of their development.
Kapersky said that its findings revealed that the teams shared source code of at least one module prior to 2010. According to Alexander Gostev, Chief Security Expert at Kapersky Lab, “What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected."
The Washington Post reports that spokesmen for the CIA, the NSA and office of the Director of National Intelligence, as well as the Israeli Embassy in Washington, declined to comment on the matter. Reuters, however, confirms that current and former U.S. and Western national security officials say that the U.S. played a role in development of the Flame virus.
The Washington Post reports that Tom Parker, chief technology officer for FusionX, a security firm specializing in simulating state-sponsored cyberattacks, said he does not know who was behind the virus. According to Parker, "This is not something that most security researchers have the skills or resources to do. You’d expect that of only the most advanced cryptomathematicians, such as those working at NSA.”