Flame malware: Does bigger mean better?
Screen grap released by Kaspersky Lab site shows a porgram of the computer virus, Flame
May 31st, 2012
02:00 AM ET

Flame malware: Does bigger mean better?

Editors Note: James Lewis is a Senior fellow and Director of the Technology and Public Policy Program at the Center for Strategic and International Studies. He offers this commentary on Flame, a recently discovered malware program infecting computer systems in Iran and elsewhere.

By James Lewis, Special to CNN

Is it wrong to be blasé about the most frightening malware ever invented? Some people worry that Flame is "bigger" than Stuxnet, weighing in at 20 megabytes. Flame is "bigger" than Stuxnet, but size and sophistication aren't the same.

Let's look at some of the tricks Flame uses. Recording keystrokes (a "keylogger") is about 20 years old. Turning on the   microphone of your computer is also mid-90s (turning on the camera is more recent, but also not news). The same is true for taking screen shots of your e-mail. You can buy some of these features on the black market. This is not cutting-edge stuff - somebody cobbled together existing exploits into a big package.

It's true that someone does seem to have it out for Iran in cyberspace. We know of Stuxnet, of course, and cyber-exploits against Iranian oil terminals. Flame is a third example, and there may be others we don't know about. Any story that has the words "Iran," "espionage" and "attack" is bound to attract attention, but we don't know who is responsible and this certainly isn't war.

What is a cyberweapon, anyhow? This is software designed to collect information. Once you have control of a network you can do what you want (and Flame provides a degree of control), but this appears to be a collection program.

Big cyberespionage programs aren't new either. The Russians were penetrating computer networks and exfiltrating information in the early 1980s, before the commercial Internet even existed. Then there was Moonlight Maze in the late 1990s, then Ghostnet and Shady Rat.

Long-running cyberdata-collection programs have been part of the espionage portfolio for years - this is "Advance Persistent Threat" - and sometimes they come to the surface where we can see them. Russia can do this kind of thing quite well, but so can the United States, the United Kingdom, Israel, China and perhaps others. Flame is not unique and there are certainly other programs like it out there that we haven't found.

There are some odd coincidences with Flame that have nothing to do with its alleged sophistication. The International Telecommunications Union, a U.N. body that wants to play a dominant role in cybersecurity and Internet governance, asked Kaspersky, a Russian firm, to help find an unknown piece of malware that was deleting sensitive information across the Middle East. The ITU issued a confidential warning, now plastered all over the Internet. These are unprecedented actions.

How did the ITU learn of this? Why did it go to Kaspersky? There is a political context here, since Russia is pushing the ITU to play a bigger role in order to undercut what it perceives as American control of the Internet. Where the Flame story fits into this political battle is unclear, but there are alternative hypotheses to serendipity when it comes to explaining Flame that we might want to test.

That might be the most interesting part of this story.

Flame is not a weapon, it's not the most sophisticated, it's not really that new, but it might be part of a large battle shaping up over the future of the Internet. Cyberespionage happens every day. This should not be news.

The coincidence around Flame and where it fits into the future of the Internet - those might be worth a second look.


Filed under: Cybersecurity • Iran • Malware • Russia • Stuxnet
soundoff (71 Responses)
  1. DouLsesseby

    zyuchaq クロエ バッグ hykpfhv ibohuyv クロエ 財布 ovlmvsb zysshch クロエ バッグ lsvhthv xdsrymg http://www.chloesutoa.com/ sjkagty fywiuba クロエ 財布 vqgzdvz sicfrhd クロエ アウトレット nvzrykt gspxlls クロエ 財布 aumdnmu jowgcbl http://www.chloesearch.com/ ozolemt eusypph クロエ 長財布 zixukmz xlmmave クロエ 長財布 mfnghub fjmhmgk クロエ バッグ togpbfb pqcpblp http://www.chloeonly.com/ cdtnkup vkqquja ポールスミス 財布 wxlrvid bbrtxnv ポールスミス 財布 mbdvule jfttgla ポールスミス 財布 coztihh xzecqgy http://www.paulsmithyasuyi.com/ ffoynku erjxzir プラダ 財布 rresbfr trrmthx プラダ バッグ pexdhgm ghesnmf プラダ バッグ mltaeat kfctveo http://www.pradatome.com/ uyjpjxa nyvaiwf クロエ バッグ sxuybix aelzype クロエ バッグ uzsodfs dpfowzu クロエ アウトレット bisovgv lygkaqj http://www.chloeye.com/ dnnygob

    April 9, 2013 at 11:59 pm | Reply
  2. Fresno CPR Training

    Very great post. I simply stumbled upon your weblog and wanted to mention that I've truly enjoyed surfing around your blog posts. After all I will be subscribing to your feed and I hope you write once more very soon!

    July 9, 2012 at 4:33 am | Reply
  3. rory

    What a mad country US is.US was the only country use atomic bomb and now US start the cyberwarfare.Please don't put yourself above or think you are more superior than the other.One day the tire will return and got you.

    June 1, 2012 at 11:23 am | Reply
    • Reauland

      Those nuclear bombs ended the war in the Pacific. Look up some estimates on the total casualties for trying to land ground troops in Japan sometime. As I recall, the most conservative of estimates placed the death toll around 7 times greater than the casualties at Hiroshima and Nagasaki.

      Let me tell you what's really crazy – blind, unreasoning hatred. It's already killed more people worldwide than every nuclear weapon used in a war theater.

      June 5, 2012 at 6:40 am | Reply
  4. krehator

    Most of these new malware creations would be considered child's play to an old school HPACV guru. Very little creativity. Poor programming skills. Cookie cutter tactics. Greedy motivations.

    Try finding someone who can create a good virus in Assembly language, who does it for the art or it, instead of harming innocent users. Good luck! 99% of these modern thugs are nothing more than script kiddies. Many of them funded by governments and corporations.

    Heck people don't even understand the difference between a virus, worm, and a Trojan. Even the media labels them incorrectly.

    Strange. the more computers have spread, the dumber users have become.

    June 1, 2012 at 2:19 am | Reply
    • Thinker23

      It's not strange at all, my friend. It is called TECHNOLOGY. 100 years ago one had to be a professional driver or even an engineer to be able to drive a car. Today every 16-year-old can drive a (much faster and more sophisticated) automobile. 100 years ago one had to be a Marconi to use radio. Today a 5-year-old can switch the channels of a 3D flat-screen TV. Did you get the picture?

      June 1, 2012 at 5:43 am | Reply
  5. John S

    For me Flame is just another attempt by a country at slowing down Iran in its quest for nuclear weapons and other technologies. Its obvious seeing as Iran was the most infected that it was no doubt the target. Others were simple collateral damage. Of course Israel and the US are the two Countries most likely responsible for Flame. But China could also be included in that. China may not have a grudge with Iran but its possible that it still is protecting its interest. I think its clear Iran and Countries like Iran have a disregard for good security or else they would have done more after the first attack. All I can say is that it could not happen to a better Country then Iran.

    May 31, 2012 at 8:20 pm | Reply
  6. Thinker23

    Talking about anonymous "book of psalms" and no less anonymous "Hebrew texts"...

    This is what the Hamas Charter (the Palestinian Constitution) says: "The prophet, prayer and peace be upon him, said: The time will not come until Muslims will fight the Jews (and kill them); until the Jews hide behind rocks and trees, which will cry: O Muslim! there is a Jew hiding behind me, come on and kill him!"

    Any comments?

    May 31, 2012 at 5:19 pm | Reply
    • professor of hydrodynamics

      Na, the Hebrew bible is MUCH more violent.

      Don't make me embarrass you by posting the most vicious of the torahs attrocious statements.

      May 31, 2012 at 5:58 pm | Reply
      • Paul

        Thousands of years ago the Jews recognized this fact and started reinterpreting their texts, so now today I don't see groups of Jews screaming "Yahweh is Great!" or "Behead those insult Moses" while they murder. Your comment not only shows extreme ignorance of the topic, but is easily negated by quick examination of facts on the ground.

        May 31, 2012 at 10:58 pm |
      • chukk

        Not really, many Jews still interpret the Torah literally.

        You are the one guilty of fumbling ingnorance...

        May 31, 2012 at 11:15 pm |
      • Thinker23

        Why don't you embarrass YOURSELF, "Professor", by actually POSTING these statements and then SHOWING that the followers of Judaism actually COMPLY with them?

        June 1, 2012 at 5:45 am |
      • fighter

        Are you kidding thinker?? Have you seen how stupid your posts are?? I'm reading your past posts....and its shocking how idiotic you sound..

        June 1, 2012 at 2:54 pm |
      • Thinker23

        "fighter"... To be honest I do not think my posts ever were "stupid". This opinion is shared by every one here including YOU. After all, NO ONE was able to point on a single statement I've said that he/she/them DID NOT AGREE with. Did YOU disagree with something I've said, "fighter"?

        June 1, 2012 at 6:58 pm |
  7. Thinker23

    I'm willing to challenge Indra and anyone else blaming Israel for the USS Liberty incident to EXPLAIN THE TREMENDOUS GAINS achieved by Israel from DELIBERATELY attacking the Liberty in order to JUSTIFY THE TREMENDOUS RISKS of suck attack. Be my guests!

    May 31, 2012 at 5:15 pm | Reply
    • professor of hydrodynamics

      They attacked the liberty for an HOUR!! It was not mistaken identity.

      It was a Recon ship. There were many reasons Israel would want to kill people who are able to see what they ate really doing...

      Like loading nukes onto subs.

      May 31, 2012 at 5:57 pm | Reply
      • Thinker23

        I have to admit, "Professor", that I'm one of those idiots who DO NOT SEE the reasons Israel would be willing to DELIBERATELY attack the Liberty. This is the reason I've asked YOU to explain these reasons. In response I promise to explain what would happen to Israel in case it was actually discovered that the attack on Liberty WAS intentional. Deal?

        June 1, 2012 at 5:49 am |
    • chukk

      And what's more, they used napalm on the first strike, boiling the skin off sailors sunning themselves on deck.

      It was evil.

      May 31, 2012 at 6:02 pm | Reply
  8. sawolf

    Mecca and Medina were Jewish trading cities whose inhabitants took in your prophet and protected from the arab pagans who wanted to murder him. For there good deed, when they refused to convert, that homicidal maniac murdered them threw out the few survivors and then declared them to be illegal to this day. READ?? how about History?

    May 31, 2012 at 3:22 pm | Reply
    • Indra

      From the book of pslams...

      "They are happy, those who smash the heads of babes upon the rock."

      Fuck your stumbling rhetoric.

      May 31, 2012 at 3:47 pm | Reply
      • professor of hydrodynamics

        There are even more foul passages in the Hebrew texts, condoning murder and canabalism.

        May 31, 2012 at 4:32 pm |
    • Karan

      Hi ElieshevaJust found your blog today, and it's amazing how much peolpe share in their aliya experiences.Although mine was a REALLY long time ago, and I have grown up kids (one soldier) there are still times when I feel English.and then I go to the UK and feel Israeli again! you know what I mean..

      August 1, 2012 at 9:51 am | Reply
    • Tiago

      Good stuff Derek. Israel sure does not get a fair shake in the media. Seems like their neighboring cerutnios get a lot more leeway when it comes to many things. And, the issues certainly are complex.Unfortunately, it seems things may get worse before it gets better in the middle east. I pray for all of them, on all sides of the borders, because we are all children of G-d.As for the flotilla, I don't understand how the world cannot see that is was a calculated move to provoke Israel, and like healthtourist, I think it could have gone a lot worse.

      August 3, 2012 at 4:04 am | Reply
  9. Indra

    Israel is the only country to commit crimes against the US, between them and Iran.

    Israel attacked the USS Liberty for an HOUR, killing 30 brave sailors.

    This new virus is fitting, seeing how the nation it hails from is itself, a virus. Israel controls the US, as you would a puppet…

    Michael Mukasey Recently appointed as US Attorney General. Mukasey also was the judge in the litigation between developer Larry Silverstein and several insurance companies arising from the destruction of the World Trade Center on 9/11/2001.

    Michael Chertoff Former Assistant Attorney General for the Criminal Division, at the Justice Department; now head of Homeland Security.

    Richard Perle One of Bush’s foreign policy advisors, he is the chairman of the Pentagon’s Defense Policy Board. A very likely Israeli government agent, Perle was expelled fromSenatorHenry Jackson’s office in the 1970′s after the National Security Agency (NSA) caught him passing Highly-Classified (National Security) documents to the Israeli Embassy. He later worked for the Israeli weapons firm, Soltam. Perle came from one the above mentionedpro-Israelthinktanks,the AEI.Perle is one ofthe leading pro-Israeli fanatics leading this Iraq war mongering within the administration and now in the media.

    Paul Wolfowitz Former Deputy Defense Secretary, and member of Perle’s Defense Policy Board, in the Pentagon. Wolfowitz is a close associate of Perle, and reportedly has close ties to the Israeli military. His sister lives in Israel. Wolfowitz came from the above mentioned Jewish thinktank, JINSA. Wolfowitz was the number two leader within the administration behind this Iraq war mongering. He later was appointed head of the World Bank but resigned under pressure from World Bank members over a scandal involving his misuse of power.

    Lawrence (Larry) Franklin The former Defense Intelligence Agency analyst with expertise in Iranian policy issues who worked in the office of UndersecretaryofDefense for Policy Douglas Feithand reported directly to Feith’s deputy, William Luti, was sentenced January 20, 2006, “to more than 12 years in prison for giving classified information to an Israeli diplomat” and members of the pro-Israel lobbying group American Israel Public Affairs Committee (AIPAC).

    We are being played. Like a fiddle my friends….

    May 31, 2012 at 2:26 pm | Reply
    • your dad

      Israel is modeled after the US and is the closest thing we have to home in the Middle East. Everywhere else in the region, people are still being stoned.

      May 31, 2012 at 3:30 pm | Reply
      • Indra

        Well, they drop white phosphorus.....

        I'll take the stoning...

        Remember the USS liberty.

        May 31, 2012 at 3:49 pm |
    • professor of hydrodynamics

      All this ignorance is certainly in part due to the massive monoply exercised over the media by Jewish interests.

      Indras makes several good points throughout the post.

      Don't forget scooter libby, or Kissinger the man who killed a million.

      May 31, 2012 at 4:30 pm | Reply
  10. israeli-american

    In 20 years we'll know the truth about how many US computers have been infected with this Israeli virus.

    With friends like these......

    May 31, 2012 at 11:57 am | Reply
    • Indra

      Could be that ALL American computers are compromised.

      May 31, 2012 at 2:08 pm | Reply
    • your dad

      arabs up to the same stupid tricks. i'm not surprised that we are light years ahead of you.

      May 31, 2012 at 3:28 pm | Reply
      • Indra

        Bet you can count your iq points on one hand....

        May 31, 2012 at 3:51 pm |
      • Scout

        Oh and to address tarsnpoatrtion It needs major work here. There are only a handful of buses to Jerusalem every day, and they aren't at the most convenient times (aside from the 6:45 and 7:30am). Car is a necessity at this point, though there is a supermarket here now.

        July 31, 2012 at 6:19 pm |
    • Paul

      I'm much more worried about Chinese viruses than Israeli. Tiny Israel is no threat to the US, in fact, they are dependent upon us and would be foolish to undermine the US.

      May 31, 2012 at 11:04 pm | Reply
  11. Hahahahahahaha

    Don't worry about the Towel Heads. They only have pirated versions of Windows 98. Hahahahahahahaha

    May 31, 2012 at 10:10 am | Reply
    • Bruce

      DOn't be so cocky. Iran has enough sophistication to hack our best drone and land it in Iran.

      May 31, 2012 at 11:53 am | Reply
      • Hahahahahahahahaha

        Um.......No they don't. Hahahahahahahahaha

        May 31, 2012 at 12:11 pm |
      • jim

        See the idiots you have to deal with on these boards. This malware has the potential to shut down countries internet.

        May 31, 2012 at 12:46 pm |
    • Hahahahahahahaha

      Jim. And your point is? Hahahahahahahahahaha

      May 31, 2012 at 3:46 pm | Reply
  12. michaelfury

    http://michaelfury.wordpress.com/2010/09/10/ghosts-in-the-machine/

    May 31, 2012 at 7:25 am | Reply
  13. mipolitic

    So just what does this mean to the Transportation sector ? I am in favour for any type of defence that saves lives and targets weapons without killing the common folk , so with that said what will this virus do to the Airline industry or any other public transportion ?
    in the last year many nuke sites around the world have been effected by their computer systems by trying to shut down for no reason at all .

    May 31, 2012 at 6:48 am | Reply
  14. Thinker23

    Racism is always disgusting. Racism is always based on lies. Almost all racists are losers, liars and intellectually challenged individuals tending to blame others for their own failures. Racists always lose. By the way, Indra, if you're willing to "dissolve the apartheid theocracy" start from Saudi Arabia and Iran.

    May 31, 2012 at 5:26 am | Reply
    • kenny

      dude you need to chill out. racism racism racism are you a victim of racism is that why your mad at everyone? PLEASE for the love of just stay off the internet your making yourself seem like a 4 year old that just got his toy taken from him.

      May 31, 2012 at 12:31 pm | Reply
      • Thinker23

        The answer is YES, I AM a victim of racism and NO, I'M NOT mad at anyone, even at racists. I pity them just like I pity mad dogs.

        May 31, 2012 at 12:54 pm |
    • Indra

      Israel is a racist nation.

      You dumb fuck, read a book.

      May 31, 2012 at 1:53 pm | Reply
      • your dad

        shave your back, loser.

        May 31, 2012 at 3:26 pm |
      • Indra

        Pull the dick from your ass first, sheep fucker.

        May 31, 2012 at 3:50 pm |
    • Indra

      Saudis been there for thousands of years.

      Israelis...about 70.

      They are proven criminals.

      Remember the Liberty.

      May 31, 2012 at 2:07 pm | Reply
  15. Indra

    Israel is the only country to commit crimes against the US, between them and Iran.

    Israel attacked the USS Liberty for an HOUR, killing 30 brave sailors.

    This new virus is fitting, seeing how the nation it hails from is itself, a virus. Israel controls the US, as you would a puppet…

    Michael Mukasey Recently appointed as US Attorney General. Mukasey also was the judge in the litigation between developer Larry Silverstein and several insurance companies arising from the destruction of the World Trade Center on 9/11/2001.

    Michael Chertoff Former Assistant Attorney General for the Criminal Division, at the Justice Department; now head of Homeland Security.

    Richard Perle One of Bush’s foreign policy advisors, he is the chairman of the Pentagon’s Defense Policy Board. A very likely Israeli government agent, Perle was expelled fromSenatorHenry Jackson’s office in the 1970′s after the National Security Agency (NSA) caught him passing Highly-Classified (National Security) documents to the Israeli Embassy. He later worked for the Israeli weapons firm, Soltam. Perle came from one the above mentionedpro-Israelthinktanks,the AEI.Perle is one ofthe leading pro-Israeli fanatics leading this Iraq war mongering within the administration and now in the media.

    Paul Wolfowitz Former Deputy Defense Secretary, and member of Perle’s Defense Policy Board, in the Pentagon. Wolfowitz is a close associate of Perle, and reportedly has close ties to the Israeli military. His sister lives in Israel. Wolfowitz came from the above mentioned Jewish thinktank, JINSA. Wolfowitz was the number two leader within the administration behind this Iraq war mongering. He later was appointed head of the World Bank but resigned under pressure from World Bank members over a scandal involving his misuse of power.

    Lawrence (Larry) Franklin The former Defense Intelligence Agency analyst with expertise in Iranian policy issues who worked in the office of UndersecretaryofDefense for Policy Douglas Feithand reported directly to Feith’s deputy, William Luti, was sentenced January 20, 2006, “to more than 12 years in prison for giving classified information to an Israeli diplomat” and members of the pro-Israel lobbying group American Israel Public Affairs Committee (AIPAC).

    We are being played. Like a fiddle my friends....

    May 31, 2012 at 4:12 am | Reply
    • Choctaw78

      I agree, its horrendous. Something must be done.

      Im sick of Israel dragging the region to war. They are good at makin it look like they are being victimized. Wimps.

      They would be nothing, if not for US weapons and money.

      And young soldiers....

      May 31, 2012 at 4:19 am | Reply
      • Indra

        Indeed. They must be peacefully brought under an international mandate, that dissolves the aparteid theocracy.

        May 31, 2012 at 4:28 am |
      • Thinker23

        Lies, lies, lies... Israel NEVER attacked anyone without being attacked first. Israel survived (and won) all major wars started by the Arab states during the first 25 years of its existence WITHOUT US aid while the Arabs enjoyed almost unlimited supply of Soviet weapons. Not a single American (or any foreign) soldier ever participated in Israeli words. These are FACTS... and you can produce nothing but racist lies and insults.

        May 31, 2012 at 5:31 am |
      • Thinker23

        Not a single American (or any foreign) soldier ever participated in Israeli wars. Sorry for the typo.

        May 31, 2012 at 5:32 am |
      • paul

        and the surrounding countries would be nothing without the 100s of billions of petrodollars being poured into the region every year.

        May 31, 2012 at 12:07 pm |
      • Indra

        Lick COCK thinker.

        They attacked Gaza and Lebbannon unprovoked.

        White phosphorus.

        Enough said.

        May 31, 2012 at 1:51 pm |
      • Thinker23

        Indra... I'm not sure what is YOUR definition of a "provocation" but TEN YEARS OF TERRORIST ATTACKS from Lebanon is TEN YEARS OF PROVOCATIONS according to ANY standard... and each one of them is qualified as an act of aggression by the UN Resolution 3314.

        May 31, 2012 at 2:25 pm |
      • Indra

        They killed children on purpose.

        Read pslams. They are baby killers.

        White phosphorus and bomblets were used. Illegal.

        Facts bitch.

        May 31, 2012 at 2:38 pm |
    • paul

      Israel controls the US like a puppet? Seriously? Your entire post is paranoid drivel.

      May 31, 2012 at 12:09 pm | Reply
      • Thinker23

        Well, if the tiny Israel can control the mighty United States of America like a puppet then the frequent complaints of the Jew-haters about the Jews being the "chosen nation" may have some merit...

        May 31, 2012 at 12:58 pm |
      • Indra

        Not really, the evidence is damning.

        You.might be stupid tho...that would explain a lot.

        May 31, 2012 at 1:53 pm |
      • Person of Interest

        Agreed with Paul, quit trolling. The USS Liberty took place how many decades ago? We (the US) have had enough problems making our "smart" munitions hit the correct target in the early 90s and even in the 2000s. IFF systems were non-existant then. How many of our (US again) were killed in Vietnam a decade later due to poor communication between the ground and the pilot. Hell during the 6 Day War the Arab leaders thought they were winning on the 3rd day still because the intelligence they were receiving was terrible.

        And I'm pretty sure you could go back a thousand years and still not figure out who started what between the Jews and the Arabs. WP is a terrible weapon to use and so is rocket attacks on civilian targets. I'm not gonna argue about Israel and Lebannon and who started what, cause frankly that's not my issue, it's yours.

        May 31, 2012 at 2:43 pm |
      • Indra

        Person, you can fuck off. Two uncles were murdered by Israel on the liberty.

        Fuck you, you ignorant sheep.

        May 31, 2012 at 3:55 pm |
      • Person of Interest

        Which is why you are incapable of making a logical decision. My best friend was killed in front of me in Afghanistan by friendly fire. Am I mad at the people that did it? Sure. Do I understand that grid coordinates were jacked up and in the heat of battle they didn't hear "Check your fire" 3 times over the radio before a 120 hit 5 feet from him? Yes.

        Does that make me an ignorant sheep? Absolutely not. War is a terrible thing that kills many innocent people and non-deserving people. Now could the mortar crew been showing off for the NBC crew that was filmming at the time? It's possible, that's why they didn't hear the check fire. Do I know for certain? No. Is it possible Israel did intentionally hit the Liberty? Sure. Plenty of people believed it to be so but plenty of people did not. So show me the proof and I'll be glad to start yelling and cursing.

        I'm sorry for the loss but to have hatred to an entire nation for the acts of a small group over 40 years ago is illogical at best racist at worst. In the words of my great Uncle Mikey (paraphrased of course) "I don't get why some of the guys still hate the Japanese. They killed some of my friends, I killed some of theirs. I don't wanna kill anymore of them and I hope they don't wanna kill anymore of mine." Hate consumes all my friend.

        And I'm really that not great of a guy so in closing I'll just say "Baaaaa"

        May 31, 2012 at 6:21 pm |

Post a comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.