By Chris Lawrence
The United States is investigating "a string of malicious" cyber incidents that appear to be focused on probing energy infrastructure, a U.S. official familiar with the latest intelligence tells CNN.
The official, who spoke anonymously due to the sensitivity of the information, said the suspected hacking did not appear to be intended to steal trade secrets or exploit technology for commercial reasons. It appeared to be aimed at identifying weaknesses in fuel and electrical systems in the United States.
While the official did not identify any suspected origins of the apparent hacking, a U.S. lawmaker raised suspicions about Iran.
The United States has over the past year become more concerned about Iran and cyber security.
Iran's atomic energy organization is warning against "terrorists" and "saboteurs" that are trying to damage Iran's nuclear program. This time it was the power lines leading to its heavily-fortified nuclear enrichment facility – at Fordo – that came under attack, according to Iran.
By Pam Benson
A group of Republican senators continued to fire away Tuesday at the Obama administration for its failure to appoint a special counsel to investigate leaks of classified information.
Sen. John McCain, R-Arizona, once again led the charge at a Capitol Hill news conference, criticizing Attorney General Eric Holder for his decision to appoint two Justice Department prosecutors to investigate the recent leaks to the media.
"To think that two people appointed prosecutors from Mr. Holder's office, overseen by Mr. Holder, is also offensive," McCain said. "We need a special counsel. We need someone who the American people can trust and we need to stop the leaks that are endangering the lives of those men and women who are serving our country."
Holder responded to the accusations at a June 12 congressional hearing. He said the Justice Department and the FBI are keeping a careful eye on any potential conflict of interest, but said of the prosecutors, "We have people who have shown independence, an ability to be thorough, and who have the guts to ask tough questions. And the charge that I've given them is to follow the leads wherever they are ... wherever it is in the executive branch or some other component of government."
By Suzanne Kelly
Director of National Intelligence James Clapper is rolling out new measures Monday aimed at ending what recently has been a spate of leaks regarding classified programs and operations.
Among Clapper's recommendations, to be instituted across the 16 intelligence agencies, are an enhanced counterintelligence polygraph test for employees who have access to classified information, and the establishment of a task force of intelligence community inspectors general that will have the ability to conduct independent investigations across agencies in coordination with the Office of the National Counterintelligence Executive.
Clapper has also called for a review of current policies that relate to interaction with members of the media, and how that interaction must be reported.
The new question that will be added to the current counterintelligence polygraph test - which intelligence community employees who handle classified information are required to take - will specifically ask whether the employee has disclosed classified information to a member of the media.
It's the largest, most extensive cyber espionage tool to date.
Researchers say the computer virus dubbed Flame stole secrets on Iran's nuclear program and it likely went on for years, discovered only after a cyberattack on Iran's oil infrastructure.
Now The Washington Post cites "western officials with knowledge of the effort" as saying Flame was jointly-developed between the United States and Israel.
Intelligence Correspondent Suzanne Kelly reports on U.S. strategy in going to battle in cyberspace.
Editors Note: James Lewis is a Senior fellow and Director of the Technology and Public Policy Program at the Center for Strategic and International Studies. He offers this commentary on Flame, a recently discovered malware program infecting computer systems in Iran and elsewhere.
By James Lewis, Special to CNN
Is it wrong to be blasé about the most frightening malware ever invented? Some people worry that Flame is "bigger" than Stuxnet, weighing in at 20 megabytes. Flame is "bigger" than Stuxnet, but size and sophistication aren't the same.
Let's look at some of the tricks Flame uses. Recording keystrokes (a "keylogger") is about 20 years old. Turning on the microphone of your computer is also mid-90s (turning on the camera is more recent, but also not news). The same is true for taking screen shots of your e-mail. You can buy some of these features on the black market. This is not cutting-edge stuff - somebody cobbled together existing exploits into a big package.
The "Flame" virus, the most complex computer bug ever discovered, has been lurking for years inside Iranian government computers, spying on the country's officials.
In a statement posted on its website on Monday, the Iranian National Computer Emergency Response Team (CERT) said it discovered Flame after "multiple investigations" over the past few months.
The Iranian CERT team said it believes there is a "close relation" between Flame two previous cyber attacks on Iran, known as the Stuxnet and Duqu computer worms. Stuxnet is widely believed to have been launched by either the U.S. or Israel (or both countries).
This isn't traditional war. The Internet has leveled the playing field, allowing governments that would never launch military attacks on one another to target one another in cyberspace.
"In warfare, when a bomb goes off it detonates; in cyberwarfare, malware keeps going and gets proliferated," said Roger Cressey, senior vice president at security consultancy Booz Allen Hamilton, at a Bloomberg cybersecurity conference held in New York last month.
"Once a piece of malware is launched in wild, what happens to that code and its capability?" he added. "Things like Stuxnet are being reverse-engineered."