- Microsoft Windows Update SSL certificate gets failing grade
- Flame’s crypto attack may have needed $200,000 worth of compute power
- Discovery of new “zero-day” exploit links developers of Stuxnet, Flame
- Microsoft contains Flame with Windows Update revamp
- Flame espionage malware issues self-destruct command
The United States and Israel jointly developed the Flame espionage malware to collect information that would be useful in disrupting Iran’s nuclear program, the Washington Post reported, citing unnamed Western officials with knowledge of the operation.
While important, the report isn’t entirely unexpected. Researchers said last week they had conclusive proof that developers of Flame collaborated with developers of Stuxnet, the highly sophisticated computer worm that targeted uranium enrichment operations in Iran’s Natanz nuclear facility. A week before that, an in-depth article in the New York Times provided the first confirmation that Stuxnet was created by the US and Israel before they ultimately lost control of it. Flame was part of “Olympic Games,” the same classified effort that spawned Stuxnet, Washington Post journalists Ellen Nakashima, Greg Miller, and Julie Tate reported Tuesday.
Still, the report is the first to cite unnamed officials saying Flame was jointly devised by personnel in the National Security Agency, the CIA, and Israel’s military. As such, it has helped to flesh out details of what is believed to be the first sustained campaign of computer-aided sabotage of a US adversary. And like the confirmation that Stuxnet received the explicit backing from two US presidents, the latest confirmation could harm US interests by touching off a cyber-arms race and making it harder for US officials to argue against their use.