Once again, the world of computing and computer users is on the edge of its seat as we hear about a new, highly sophisticated computer virus that's been unleashed. Oh, we're still supposed to be mollified as the Homeland Security Dept. has assured companies and users that "so far no infections have been discovered inside the U.S.". That's some consolation!
'FLAME' is described as a sophisticated espionage "tool" which uses encryption and other techniques to "help break into computers and move through private or corporate networks. The virus can then eavesdrop on all data traffic, take screen shots and record audio and keystrokes. The Homeland Security Dept. said its origin was a "mystery".
Some time ago I also blogged about the Stuxnet computer worm:
which had been unleased ostensibly to foul up Iran's nuclear program, via its centrifuge system. However, the viciousness of the thing was such that no one could ensure there'd be no collateral damage - and indeed there was as thousands of computers were infected and went down around the world.
In the case of Stuxnet, its malicious trail commenced in June of 2010, when it was first detected and isolated by a tiny company in Belarus after one of its clients in Iran complained about a software glitch. Subsequently, reports filtered in that Iran's centrifuges were somehow compromised, though they didn't let on that they were aware of the real culprits which I suspected at the time was the NSA, whose cryptological-computer-savvy 'fingerprints' were all over it.
Recent press reports, e.g. in The New York Times, have fully confirmed my suspicions - though seeking to dilute sponsorship by attribution to U.S. -Israeli sources. Don't buy it for a second. At least ninety percent was due to the code cracker, encryption eggheads and their ilk based at Ft. Meade, MD. (Sometime in 1995 while trying to get back to Columbia, MD from Laurel, wifey and I took a wrong turn and ended up on the parking lot of Spook City - and were numbed by its monstrous size. You can believe these guys can do anything there and this was confirmed for us after the appearance of The Baltimore Sun series: 'No Such Agency: America's Fortress of Spies', by Scott Shane and Tom Bowman, Dec. 3-15, 1995)
But as I noted in the earlier blog on Stuxnet, because of the hubristic, belligerent and arrogant actions of an enclave of pointy-headed computer geeks at the Puzzle Palace, and maybe hints from allies, we were all put at risk and still are. Because the code was eventually unravelled and now can be used as is or more likely tweaked by any cyber enemy. Again, our own 'posse' has outwitted themselves and ended up opening a 'Pandora's Box' that can come back to bite us on the ass. One wonders if the release of these viruses is simply to see what they can do....not considering the consequences.
Let's bear in mind, as an AP Report piece has noted ('Digital Virus has Nations on Alert', today's Denver Post):
"Unlike a bullet or a missile fired at an enemy, a cyberweapon that spreads across the internet might circle back to infect computers it was never supposed to target. It's one of the unusual challenges facing the programmers who build such weapons."
"Challenges"? How about simple recognition of the Law of Unintended Consequences which most humans have been aware of since the year Dot, but which their hubris never seems to allow them to finally process. .
Again, if releasing Stuxnet was stupid, then releasing FLAME is mega-Stupid!
Meanwhile, according to the AP report today, Russian digital security provider Kaspersky Lab - which first identified the virus - SAID Flame's complexity and functionality 'exceed those of all other cyber menaces know to date'"
Those words were enough to convince me that, like the Stuxnet worm, FLAME is a creature of the geeks at NSA. Thus the AP report's ending "Yet FLAME's author remains unknown because there is no information in the code of the virus that would link it to a particular country" merely confirmed its place and source of origin.
Well, at least it's nice to know where up to $100b of our yearly budget is going to. For my part pardon me, but I'd be much much happier with a manned Mars program! So would my computer, assured that it's not going to be boomerang- whacked by a virus created by guys allegedly out to "protect us".