Mobile Version
Free Internet Press
  Uncensored News For Real People


FIP Year In Review

FIP Month in Review

FIP Archive Search




2014-07-09
R.I.P. William 'Bill' Herbert Kelder - Intellpuke

2013-11-28
Gamers Donate 37,500 Pounds Of Food To Needy

2013-09-30
Statement From The Whitehouse Regarding The Government Shutdown

2013-09-29
An Open Response To 'Organizing for Action'

2013-08-26
Bayou Corne: The Biggest Ongoing Disaster In The U.S. You Have Not Heard Of

2013-04-21
Boston Mayor Hopes Feds 'Throw the Book' at Marathon Bombing Suspect

2013-04-19
Boston Police Closing In On Suspects

2013-04-15
2 Explosions At Boston Marathon. 2 Dead, Many Injured.

2013-01-03
The Press vs Citizens Rights and Privacy - Act 3

2012-12-30
CBS News - Year In Review 2012

Nature.com - 366 Days: 2012 In Review

The Guardian - 2012 In Review: An Interactive Guide To The Year That Was

TruTV - The Biggest Conspiracy Theories of 2012

Colbert Nation: 2012: A Look Back

FIP Year In Review(s?)

2012-12-25
Happy Holidays

2012-12-21
Welcome To A New Era!

2012-12-16
An Open Letter To United Health Care, Medcom, And The Medical Insurance Industry In General

2012-11-17
Whitehouse Petition To Remove "Under God" and "In God" From Currency And The Pledge.

2012-11-15
December 21, 2012

2012-11-11
If Hillary Clinton Ran For President, She Would Probably Be The Best-prepared Candidate In American History

2012-11-10
CIA Director David Petraeus Resigns After FBI Investigation Uncovers Affair With High-Profile Journalist

FIP Format Update

2012-11-07
Thank you for voting.

2012-11-06
Live Election Results

2012-09-30
FIP In Hiatus

2012-09-18
U.S.-Afghan Military Operations Suspended After Attacks

Iran Nuclear Chief Says IAEA Might Be Infiltrated By 'Terrorists And Saboteurs'

Romney Stands By Gaffe

2012-09-17
President Obama Says China Trade Practices Harm American Auto Parts Workers


Computer 'Worm' That Hit Iran Oil Terminals 'Is Most Complex Yet'
2012-05-28 18:09:51 (113 weeks ago)
Posted By: Intellpuke

A cyber-attack that targeted Iran's Oil Ministry and main export terminal was caused by the most sophisticated computer worm yet developed, experts have warned.

The virus appears to have been directed primarily at a small number of organizations and individuals in Iran, the West Bank, Lebanon and the United Arab Emirates. This will inevitably raise suspicions that Israel or the U.S. were involved in some way.

Analysts who have been decoding the computer worm, which is called W32.Flamer, have been unable to identify the source. They say only a professional team working for several months could have been behind it.

The CrySys Laboratory, in Hungary, said: "The results of our technical analysis supports the hypothesis that [the worm] was developed by a government agency of a nation state with significant budget and effort, and it may be related to cyber-warfare activities."It is certainly the most sophisticated malware we [have] encountered. Arguably, it is the most complex malware ever found."

Orla Cox, a senior analyst at Symantec, the international computer security firm, said: "I would say that this is the most sophisticated threat we have ever seen."

(story continues below)




Symantec undertook a detailed analysis of the groundbreaking Stuxnet virus, which targeted Iran's nuclear enrichment facilities two years ago, sending some of their centrifuges spinning out of control. Cox said W32.Flamer appeared to be even more complex than Stuxnet, and that it was an incredibly clever, comprehensive "spying program".

"It is a backdoor worm that goes looking for very specific information. It scrapes a mass of information from any infected machines and then sends it, without the user having any idea what is going on. The amount of information it can send is huge."

Symantec first started working on the code over the weekend after it was discovered by specialists at the Labortory of Cryptography and System Security, at the University of Budapest.

Analysis now shows that the worm has been around, undetected, for at least two years, and experts are confident it was responsible for the disruption to Iran's oil industry last month.

According to reports, the cyber-attack forced Iran to convene a "crisis committee" that ordered the disconnection of six of its main oil terminals from the internet, to stop the worm spreading.

One of these, on Kharg island, 16 miles off the north-western coast of Iran, processes 90% of the country's crude oil exports.

The Iranian Students' News Agency said that the virus had successfully erased information on hard disks at the oil ministry's headquarters.

Though the oil ministry insisted that the worm had been contained and that no significant data had been erased, the likelihood is that W32.Flamer had been inside the network for many months and may already have completed its primary mission. Cox said the worm was designed to gather and send information covertly – unlike Stuxnet, which was built to identify and destroy equipment.

"Once the attacker has that level of access, then all bets are off," she said. "Once the worm has infected a system, it would be possible to add new commands over time, to add an element of disruption."

Though Symantec said it was impossible to say whether the team behind W32.Flamer was also behind Stuxnet. Cox said the two were similar in some ways, and shared some features.

"To the casual observer, the worm looks like any piece of software," she said. "To get that level of sophistication would take a team of 10 several months. It's very professional."

The worm was able to take screenshots of users' desktops, to spread via USB drives, and to disable security systems. It was also able to find security vulnerabilities in Microsoft Windows to help it spread from network to network. As well as major networks, the worm appears to have infected personal computers being used at home, she said.

Symantec said it believed at least 100 organizations and individuals had been targeted by the worm, and that these were "primarily located in the Middle East". The worm appeared to have transferred to Hungary, Russia, Austria and Hong Kong, though these may have been hit accidentally.

The use of so-called cyber-warfare was taken to new levels by Stuxnet, which disabled some of the centrifuges inside the Natanz enrichment plant, southwest of Tehran.

Though nobody has been able to say confidently who was responsible for building the virus, only certain countries are thought to have the necessary capability, or intent.

Israel and the U.S. are thought to be world leaders in the development of such technology. Last year an investigation by the New York Times claimed Stuxnet was a joint U.S./Israeli operation designed to undermine Iran's efforts to make a bomb of its own.

Intellpuke: You can read this article by Guardian Defense and Security correspondent Nick Hopkins in context here: www.guardian.co.uk/world/2012/may/28/computer-worm-iran-oil-w32flamer


Email To A Friend
Email this story to a friend:
Your Name:
Their Email:
 
Readers Comments
Add your own comment.
(Anonymous commenting now enabled.)

Creative Commons License
Free Internet Press is licensed under a Creative Commons Attribution 3.0 United States License. You may reuse or distribute original works on this site, with attribution per the above license.

Any mirrored or quoted materials may be copyright their respective authors, publications, or outlets, as shown on their publication, indicated by the link in the news story. Such works are used under the fair use doctrine of United States copyright law. Should any materials be found overused or objectionable to the copyright holder, notification should be sent to editor@freeinternetpress.com, and the work will be removed and replaced with such notification.

Please email editor@freeinternetpress.com with any questions.

Our Privacy Policy can be viewed at https://freeinternetpress.com/privacy_policy.php

XML/RSS/RDF Newsfeed Syndication XML/RSS/RDF Newsfeed Syndication: http://freeinternetpress.com/rss.php

XML/RSS/RDF Newsfeed Syndication XML News Sitemap