Iran Under Mysterious 'Flame' Cyber Attack

[Ogopogo]

http://www.newsmax.com/Newsfront/iran-f ... /id/440423

Iran Under Mysterious 'Flame' Cyber Attack

Monday, 28 May 2012 05:21 PM


Security experts have discovered a highly sophisticated computer virus in Iran and other Middle East countries that they believe was deployed at least five years ago to engage in state-sponsored cyber espionage.

Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that claimed responsibility for discovering the virus.

Kaspersky researchers said on Monday they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

Iran has accused the United States and Israel of deploying Stuxnet.

Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.

"This is one of many, many campaigns that happen all the time and never make it into the public domain," said Alexander Klimburg, a cyber security expert at the Austrian Institute for International Affairs.

A cyber security agency in Iran said on its English website that Flame bore a "close relation" to Stuxnet, the notorious computer worm that attacked that country's nuclear program in 2010 and is the first publicly known example of a cyber weapon.

Iran's National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran have said were responsible for massive data losses on some Iranian computer systems.

Kaspersky Lab said it discovered Flame after a U.N. telecommunications agency asked it to analyze data on malicious software across the Middle East in search of the data-wiping virus reported by Iran.

STUXNET CONNECTION

Experts at Kaspersky Lab and Hungary's Laboratory of Cryptography and System Security who have spent weeks studying Flame said they have yet to find any evidence that it can attack infrastructure, delete data or inflict other physical damage.

Yet they said they are in the early stages of their investigations and that they may discover other purposes beyond data theft. It took researchers months to determine the key mysteries behind Stuxnet, including the purpose of modules used to attack a uranium enrichment facility at Natanz, Iran.

"Their initial research suggest that this was probably written by the authors of Stuxnet for covert intelligence collection," said John Bumgarner, a cyber warfare expert with the non-profit U.S. Cyber Consequences Unit think tank.

Flame appears poised to go down in history as the third major cyber weapon uncovered after Stuxnet and its data-stealing cousin Duqu, named after the Star Wars villain.

The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky. It gained notoriety after solving several mysteries surrounding Stuxnet and Duqu.

Their research shows the largest number of infected machines are in Iran, followed by Israel and the Palestinian territories, then Sudan and Syria.

The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.

GATHERING DATA

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.

That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, Schouwenberg said.

He said that a nation state would have the capability to build such a sophisticated tool, but declined to comment on which countries might do so.

The question of who built flame is sure to become a hot topic in the security community as well as the diplomatic world.

There is some controversy over who was behind Stuxnet and Duqu. Some experts suspect the United States and Israel, a view that was laid out in a January 2011 New York Times report that said it came from a joint program begun around 2004 to undermine what they say are Iran's efforts to build a bomb.

The U.S. Defense Department, CIA, State Department, National Security Agency, and U.S. Cyber Command declined to comment.

Hungarian researcher Boldizsar Bencsath, whose Laboratory of Cryptography and Systems Security first discovered Duqu, said his analysis shows that Flame may have been active for at least five years and perhaps eight years or more.

That implies it was active long before Stuxnet.

"It's huge and overly complex, which makes me think it's a first-generation data gathering tool," said Neil Fisher, vice president for global security solutions at Unisys Corp. "We are going to find more of these things over time."

Others said that cyber weapons technology has inevitably advanced since Flame was built.

"The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now," Mohan Koo, managing director of British-based Dtex Systems cyber security company.

Some experts speculated that the discovery of the virus may have dealt a psychological blow to its victims, on top of whatever damage Flame may have already inflicted to their computers.

"If a government initiated the attack it might not care that the attack was discovered," said Klimburg of the Austrian Institute for International Affairs. "The psychological effect of the penetration could be nearly as profitable as the intelligence gathered." (Additional reporting by Jim Wolf in Washington, Daniel Fineran in Dubai and William Maclean in London; editing by Edward Tobin, Ron Popeski and Mohammad Zargham)

© 2012 Thomson/Reuters. All rights reserved.

Read more on Newsmax.com: Iran Under Mysterious 'Flame' Cyber Attack
Important: Do You Support Pres. Obama's Re-Election? Vote Here Now!

[Ogopogo]

http://www.washingtonpost.com/world/nat ... story.html

U.S. officials among the targets of Iran-linked assassination plots

Prakash Singh/AFP/Getty Images - Investigators at Tughlaq Road police station inspect a vehicle that exploded near the Israeli embassy in New Delhi, on February 14, 2012. The blast that badly wounded an Israeli diplomat was a terrorist attack by a highly-trained operative, the Indian government said, as Israel accused Iran of being responsible.


By Joby Warrick, Published: May 27

In November, the tide of daily cable traffic to the U.S. Embassy in Azerbaijan brought a chilling message for Ambassador Matthew Bryza, then the top U.S. diplomat to the small Central Asian country. A plot to kill Americans had been uncovered, the message read, and embassy officials were on the target list.

The details, scant at first, became clearer as intelligence agencies from both countries stepped up their probe. The plot had two strands, U.S. officials learned, one involving snipers with silencer-equipped rifles and the other a car bomb, apparently intended to kill embassy employees or members of their families.

A string of volatile incidents in late 2011 raised tensions between the United States and Iran.

Both strands could be traced back to the same place, the officials were told: Azerbaijan’s southern neighbor, Iran.

The threat, many details of which were never made public, appeared to recede after Azerbaijani authorities rounded up nearly two dozen people in waves of arrests early this year. Precisely who ordered the hits, and why, was never conclusively determined. But U.S. and Middle Eastern officials now see the attempts as part of a broader campaign by Iran-linked operatives to kill foreign diplomats in at least seven countries over a span of 13 months. The targets have included two Saudi officials, a half-dozen Israelis and — in the Azerbaijan case — several Americans, the officials say.

In recent weeks, investigators working in four countries have amassed new evidence tying the disparate assassination attempts to one another and linking all of them to either Iran-backed Hezbollah militants or operatives based inside Iran, according to U.S. and Middle Eastern security officials. An official report last month summarizing the evidence cited phone records, forensic tests, coordinated travel arrangements and even cellphone SIM cards purchased in Iran and used by several of the would-be assailants, said two officials who have seen the six-page document.

Strikingly, the officials noted, the attempts halted abruptly in early spring, at a time when Iran began to shift its tone after weeks of bellicose anti-Western rhetoric and threats to shut down vital shipping lanes. In March, Iranian officials formally accepted a proposal to resume negotiations with six world powers on proposals to curb its nuclear program.

“There appears to have been a deliberate attempt to calm things down ahead of the talks,” said a Western diplomat briefed on the assassination plots, who spoke on the condition of anonymity because of the sensitivity of the intelligence. “What happens if the talks fail — that’s anyone’s guess.”

Less clear is whether the attempts were ordered by government officials or perhaps carried out with the authorities’ tacit approval by intelligence operatives or a proxy group such as Hezbollah. Many U.S. officials and Middle East experts see the incidents as part of an ongoing shadow war, a multi-sided, covert struggle in which Iran also has been the victim of assassinations. Four scientists tied to Iran’s nuclear program have been killed by unknown assailants in the past three years, and the country’s nuclear sites have been hobbled by cyberattacks. Iran has accused the United States and Israel of killing its scientists, but it has repeatedly denied any role in plots to assassinate foreign diplomats abroad.

The Obama administration has declined to directly link the Azerbaijan plot to the Iranian government, avoiding what could be an explosive accusation at a time when the two governments are engaged in negotiations on limiting Iran’s nuclear program. U.S. officials say they are less convinced that top Iranian and Hezbollah leaders worked together to coordinate the attempted hits, noting that both groups have a long history of committing such acts on their own, and for their own purposes.

“The idea that Iran and Hezbollah might have worked together on these attempts is possible,” said a senior U.S. official who has studied the evidence, “but this conclusion is not definitive.”

Personal Post

Graphic
Timeline: A look at international violence that has been attributed to Iran.
Click Here to View Full Graphic Story

Timeline: A look at international violence that has been attributed to Iran.

Gallery

A string of volatile incidents in late 2011 raised tensions between the United States and Iran.

‘Walking a fine line’

Attacks directly targeting American diplomats are rare but not unknown. In 2002, Laurence Foley, a senior official at the U.S. Embassy in Jordan, was fatally shot by suspected Islamist extremists outside his home in Amman, and other diplomats have been killed in recent years in Pakistan, Sudan and Iraq. U.S. intelligence officials believe that Americans would probably have been killed if an alleged Iranian plot to kill Saudi Arabia’s ambassador to Washington last year had succeeded.

In Azerbaijan, however, embassy officials have been alerted to plots against employees at least three times in the past two years. In each case, the alleged planners were discovered and the threats quietly put down by Azerbaijani authorities, working closely with American counterterrorism officials, according to U.S. and Middle Eastern officials familiar with the incidents. Azerbaijan, a majority-Muslim country of 9 million, has had a troubled history with its much larger neighbor to the south, but it publicly seeks to maintain friendly relations with Iran, whose population is 16 percent ethnic Azerbaijani.

Embassy employees were told little about the threats. Bryza, the ambassador at the time, worked with embassy security officers to quietly tighten procedures while officials in Washington tried to assess the seriousness of the threats, the officials said. Bryza, who left the State Department this year after the Senate blocked confirmation of his re-nomination to the ambassador’s post, declined to comment about the events.

“They were walking a fine line, trying to avoid panic while taking the necessary precautions,” said a former State Department official who dealt regularly with the embassy. “There was a constant operational concern during that time.”

The most recent threat came to light after a foreign spy agency intercepted electronic messages that appeared to describe plans to move weapons and explosives from Iran into Azerbaijan. Some of the messages were traced to an Azerbaijani national named Balagardash Dashdev, a man with an extensive criminal background and, according to a Middle East investigator involved in the case, deep ties to a network of intelligence operatives and militant groups based inside Iran.

Working from inside Iran, officials said, Dashdev in late October began coordinating the shipment of explosives, weapons and cash to Azerbaijani contacts, including relatives and former criminal associates. As U.S. and Middle Eastern intelligence deepened their surveillance, they began to discern what the Middle Eastern investigator described as a “jumble of overlapping plans,” some specifically aimed at Azerbaijan’s small Jewish community and others targeting diplomats and foreign-owned businesses in Baku, the country’s sprawling capital on the Caspian Sea.

During the late fall and early winter, the weapons were smuggled into the country along with at least 10 Iranian nationals recruited to help carry out the plot, U.S. and Middle Eastern officials said.

The Azerbaijani participants had been paid a cash advance and were beginning to conduct surveillance on a list of targets — including a Jewish elementary school, a U.S.-owned fast-food restaurant, an oil company office and “other objects in Baku,” according to a brief statement issued by the Azerbaijani government after a series of raids in which about two dozen alleged accomplices were arrested between January and early March.

Personal Post

Graphic
Timeline: A look at international violence that has been attributed to Iran.
Click Here to View Full Graphic Story

Timeline: A look at international violence that has been attributed to Iran.

Gallery

A string of volatile incidents in late 2011 raised tensions between the United States and Iran.

The Obama administration acknowledged in March that the U.S. Embassy may have been among the intended targets. But in the months since then, the suspects under questioning revealed extensive details about the “other objects in Baku” that had been on the target list, confirming that the would-be assassins intended to go beyond attacks on buildings.

“They were going after individuals,” said the former State Department official who worked closely with the embassy in Baku. “They had names [of employees]. And they were interested in family members, too.”

The alleged plot leader, Dashdev, would tell investigators that the planned attacks were intended as revenge for the deaths of the Iranian nuclear scientists, attacks that Iran has publicly linked to Israel and the United States. Iran vehemently denied involvement in any assassination plot inside Azerbaijan, and the Iranian Embassy in Baku suggested in a statement that the plot was fiction.

“We believe that the glorious people of Azerbaijan understand that this part of the script of Iranophobia and Islamophobia is organized by the Zionists and the United States,” the statement read. Attempts to contact Iranian officials for additional comments for this article were unsuccessful. Dashdev, who confessed to his role in a videotaped message broadcast on Azerbaijani television, remains in custody and could not be reached for comment. Baku officials have repeatedly accused Iran of stirring up unrest among pro-Iranian extremists to drive a wedge between Azerbaijan’s population and its government, which cooperates closely and openly with Western counterterrorism agencies.

“What we are trying to do is build a strong, independent nation that is a responsible actor,” Elin Suleymanov, Azerbaijan’s ambassador to Washington, said in an interview. “We have told all our friends and neighbors that expressing disagreement in a civilized way is more beneficial than resorting to terrorism or promoting radicalization.”

String of foiled attacks

U.S. and Middle Eastern officials say the Azerbaijan plot fits a pattern seen in numerous other recent attempts linked to Iran. The foiled assassination of Saudi Arabia’s ambassador to Washington involved a similar plan to hire criminal gangs — in this case, members of a Mexican drug cartel — to kill a senior diplomat in a public setting, U.S. intelligence officials note.

The report presented to U.S. officials last month asserts extensive links between attempted assassinations of diplomats in five other countries: India, Turkey, Thailand, Pakistan and the former Soviet republic of Georgia. Each attempt was carried out by operatives with direct ties to Iran or Hezbollah and directed against diplomats from countries hostile to Iran, the reports states.

Israeli and Indian officials have described substantial Iranian links to a car bombing in February that seriously wounded the wife of an Israeli diplomat in New Delhi. In that Feb. 13 attack, an assailant on a motorcycle attached a magnet bomb to a diplomatic car in which the woman was riding, injuring her and her driver. Indian police have charged an Indian man — a free-lance journalist working for Iranian news organizations — with organizing the attack with the help of three Iranian nationals who had entered the country.

The next day, an alleged plot to kill Israeli diplomats in Bangkok was thwarted when a bomb being assembled exploded prematurely.

The car bombs prepared for use in both attacks were virtually identical, with a magnetic outer shell that was smuggled into the two countries, to be combined later with C4 military explosives obtained from a still-unknown source. Two of the Iranian nationals allegedly involved in the Bangkok attempt were captured, and they, like the suspects in Azerbaijan, are continuing to provide clues to investigators.

The suspects, thought to be low-level operatives, either do not know or will not say who ordered the attacks, leaving investigators to speculate about how far up within Iran’s government the plots may have originated.

“There is not yet a smoking gun,” said the Western diplomat briefed on the evidence. “But the pattern is clear, and each day the volume of evidence grows.”

[Ogopogo]

http://online.wsj.com/article/SB1000142 ... 44034.html

Updated May 28, 2012, 7:36 p.m. ET

On Iran, We'll Probably Get Fooled Again
The regime has treated the West the way a shark would a squid.

In May 1981, John Kifner, a reporter for the New York Times who had covered the Iranian hostage crisis from start to finish, wrote a lengthy story seeking to explain how the embassy seizure had come about and why it dragged out for 444 agonizing days. Thirty-one years later, it still makes for timely reading:

"The early attempts at negotiations," Mr. Kifner wrote, "all sank on the rock of Ayatollah Khomeini's moral absolutism. 'This is a war of Islam against blasphemy,' [Khomeini] said. He dismissed the possibility of armed attack, saying that much of the population was 'looking forward to martyrdom,' and he brushed off the threat of economic sanctions: 'We know how to fast.'"

Give the late ayatollah his due: He had the courage of his convictions—and he had the West's number. So does his regime. The Islamic Republic has insisted all along that nuclear enrichment is its right. It has consistently responded to threats and sanctions by expanding its nuclear program, bearing the economic sacrifice while forcing the West to bargain for less and less. Yes, the regime is almost certainly lying when it says it has no interest in nuclear weapons. But since when have nations laid bare their secrets or revealed their intentions to the enemy?

Altogether, the regime has treated the West the way a shark would a squid: with the combination of appetite and contempt typically reserved for the congenitally spineless.


Iran's chief negotiator Saeed Jalili after a meeting in Baghdad on Thursday over Iran's nuclear program.

And so it was last week, when the U.S. and its partners arrived in Baghdad for another round of talks with Tehran, confident they were at last about to turn the diplomatic corner. The head of the U.N.'s nuclear watchdog agency had just announced that he and his Iranian counterpart had all but inked a deal to inspect sites suspected of illicit nuclear work. The looming threat of oil sanctions and the possibility of an Israeli strike were said to be weighing heavily on Iranian minds.

"American negotiators, heading into a crucial round of talks with Iran over its nuclear program . . . are allowing themselves a rare emotion after more than a decade of fruitless haggling with Tehran: hope," wrote the Times's Mark Landler on May 19.

"The Iranians are in a position of needing to pursue diplomacy, if anything, even more than they did before," former diplomat Dennis Ross told Mr. Landler. "It's not like they have any other good news right now."

Maybe it will someday occur to the likable Mr. Ross that every time he's counted on a diplomatic breakthrough—whether with Yasser Arafat, Hafez al-Assad or Ali Khamenei—he's counted wrong. This time, Iran did more than just reject demands to shut down its underground enrichment facility at Fordo and ship its near-bomb-grade uranium abroad. It also announced it would do precisely the opposite: install more centrifuges at Fordo, increase the rate of enrichment, and forbid any U.N. inspections of suspected military sites.

The West's response? It has agreed to another round of talks next month in Moscow, thereby giving the Iranians the one thing they wanted from the negotiations, which is time.

This isn't the first time the West has hopped with excitement at the promise of a diplomatic breakthrough with Tehran. "Iran experts and regional analysts say . . . that Iran may finally be ready to make a deal." That was the analysis in the New York Times—in October 2009.

"European Union foreign policy chief Javier Solana was optimistic Friday about progress in talks to persuade Iran to bring its nuclear program into line with international demands." That was from an Associated Press story from September 2006.

You can root around Google or Factiva and find similar sequences of headlines from other years: high hopes for a negotiated breakthrough, followed by Iran's rejection of a deal, followed by the agreement to meet again, followed by—you get the point. How many times can the West allow itself to be fleeced in this bazaar?

Iran's guess: plenty more. The regime's tactical gamble is that the Obama administration has its own reasons to drag out the talks at least through November's election. That's probably right.

The Iranians may also be gambling that any Israeli strike will prove costly, unpopular and ineffectual, thereby tagging Israel as the aggressor while crippling its deterrent power in the long run. That's more of a gamble, but from the Iranian perspective it may be one well-worth taking.

The larger question is why the U.S. continues to believe that there's a grand bargain to be struck with the mullahs, and that it lies just inches out of reach. Western analysts have become experts in explaining why Tehran has rejected every diplomatic overture made to it—bad timing, bad mood music, niggardly terms—without ever alighting on what Mr. Kifner noted in 1981: The mullahs believe they have a cause worth fighting for. They take our concessions as evidence of weakness, and our pragmatism as proof of corruption. They're not entirely mistaken.

For 33 years, Iran has dealt with us as an enemy. Until we return the favor, we will be fooled again.

Write to bstephens@wsj.com

A version of this article appeared May 29, 2012, on page A11 in the U.S. edition of The Wall Street Journal, with the headline: On Iran, We'll Probably Get Fooled Again.

[Ogopogo]

http://www.time.com/time/world/article/ ... 70,00.html

Attacked by "Flame": Will Iran Retaliate for the Latest Cyberassault?
By Babak Dehghanpisheh Tuesday, May 29, 2012
Log In with Facebook

Sharing TIME stories with friends is easier than ever. Add TIME to your Timeline.
Learn More
ENLARGE PHOTO+

An undated screen grab taken released by the Kaspersky Lab site shows a program of the computer virus known as Flame.
KAPERSKY LAB / AFP / GETTY IMAGES

The Iranian technicians went into panic mode late last month as a virus surged through computers at the Ministry of Oil, wiping out hard drives and crashing several websites. One by one, oil terminals in the Persian Gulf were disconnected from the Internet to prevent further damage and a crisis committee was formed to deal with the fallout. By the time the virus had been contained some 24 hours later, computers and websites from the National Iranian Oil Company, the National Gas Company, the Ministry of Oil and several subsidiary companies had taken a hit, according to reports in the Iranian media.

That cyber-attack was downplayed in reports from hardline, government-linked news organizations. But it now appears that the damage could have been done by Flame, a new type of virus that appears even more sophisticated than the Stuxnet worm that wreaked havoc on Iran's nuclear program. In fact, the coding for the Flame virus is roughly 20 times the size of Stuxnet, astonishing many cyber-experts. It has infected more computers in Iran than anywhere else in the world. "This malware can do nearly anything," says Boldizsar Bencsath, a senior analyst at the Laboratory of Cryptography and Systems Security in Budapest, which was one of the first institutions to dissect the virus. "It could be linked to these attacks."

(PHOTOS: Stefano de Luigi Photographs the Cinema of Iran)

For the Iranian regime, constantly paranoid about external enemies, it's clear that this is another attack in a cyber war that is escalating month by month. Many officials blamed the United States and Israel for the Stuxnet virus and the initial reaction from Tehran appears to point the finger at the same culprits. "It's in the nature of some countries or illegitimate regimes to produce viruses and hurt other countries. We hope that these viruses are knocked out and no one gets hurt," Ramin Mehmanparast, the foreign ministry's spokesman, said at a press conference in Tehran on Tuesday. Israeli officials, for their part, did little to dispel suspicion of their involvement. "For anyone who sees the Iranian threat as significant, it is reasonable that he would take different steps, including these, in order to hobble it," vice prime minister Moshe Yaalon said cryptically on Tuesday.

The Iranian government has long anticipated this digital conflict and has tried to assess both external and internal threats. As part of its readiness for this kind of conflict, Tehran has reportedly spent $1 billion to boost its cyber-defense and offense capabilities in recent months. That has included the purchase of sophisticated monitoring software from ZTE, a Chinese telecom company, as well as filling the ranks of the Iranian Cyber Army with tens of thousands of recruits, according to some officials. The Cyber Army is believed to be linked to the Revolutionary Guard.

(MORE: Russian Firm: Another Cyber Attack on Iran)

The Cyber Army first gained notoriety — and some street cred from hackers — when they took down Twitter in 2009. They have also hacked many Iranian opposition websites and played a lead role in tracking down activists. Last year, the Iranian government also announced the creation of a cyber-police division to help track political dissent online and fight what the regime sees as a "soft war" being waged by anti-regime elements through social media and immoral websites. Just how seriously the government takes the issue was apparent in March when Supreme Leader Ayatollah Ali Khamenei ordered the creation of a Supreme Council of Cyberspace, a governmental body that will include the president, the head of the Revolutionary Guard, the head of the judiciary and the speaker of parliament among other top officials.

Still, it's clear that the Iranian government was unprepared for an attack as sophisticated as the Flame virus. In fact, few other governments could have been. The virus had burrowed into Iranian computer systems at least since 2010 and possibly earlier, sending out data from infected computers. The virus enabled infected computers to take screen shots, turn on attached microphones and record audio, change computer settings, log instant messages and even scan for Bluetooth enabled devices. Among the cyber-experts who have analyzed the virus, there is little doubt that the only group that would have the resources and know-how to deploy such a sophisticated cyber-weapon would be a governmental body. "This was made by some government agency," says Bencsath in Budapest. "The evidence is that it's used for spying on a specific area."

(MORE: The Breakdown: Who Supports CISPA and Who Doesn't)

If the Flame virus was created by a governmental agency, it's a risky gambit. The flip side of a cyber-attack is that the virus could be analyzed and repurposed for future attacks. "Unlike a traditional weapon like a bomb, which explodes and disappears, cyber-weapons stay in the system," says Vitaly Kamluk, the chief malware expert for Kaspersky Lab, a Russian IT security company that has done extensive work on the Flame virus. "If someone has the resources to reverse engineer, it can be reprogrammed and used against the enemy. That's a risk."

In a Congressional hearing in late April, a handful of experts testified that Iran is beefing up its cyber-offense capabilities and could be preparing for an attack. The U.S. power grid, in particular, could be a relatively easy target. "What the Iranians lack in capability they make up in intent. Cyber levels the playing field," says Frank Cillufo, director of the Homeland Security Policy Institute at George Washington University, who testified before Congress during the hearing. "If you look at our own infrastructure, we are quite vulnerable and susceptible."

(MORE: Iran Relaunches Russian-made Submarine)

The Iranian government has been a top suspect in some relatively sophisticated cyber attacks. Last August, a Dutch company called DigiNotar was hacked and a number of SSL certificates, which are used for the encryption of information on the Internet, were stolen. A large number of fraudulent certificates soon appeared on Iranian Internet service providers and were used to track individuals' activities on sites linked to Google and Yahoo among others. This wasn't a cyber smoking gun but it was close: opposition activists suspect that the Iranian government had taken the digital certificates in order to monitor dissident activity in the country. "You can't be 100 percent sure but there's enough circumstantial evidence that it was the Iranian government," says Mehdi Yahyanejad, one of the founders of Balatarin, a community website in Farsi that has become a favorite of the Iranian opposition and has been hacked several times.

Is the Iranian government planning any revenge attacks against the U.S. or Israel for the damage done by Stuxnet or the Flame virus? An editorial that ran last year in the conservative daily Kayhan, whose editor is close to Supreme Leader Khamenei, struck an ominous tone. "Skilled players have appeared who can, in a short period of time, do astonishing and unbelievable damage to American infrastructure," the editorial read. "All they need is a connected computer and knowledge that is no longer under the exclusive control of Western countries." It looks like the cyber-war may be just beginning.

(MORE: As the U.S. and Others Toss Syria's Envoys, Is Moscow Changing Its Mind About Assad?)

Read more: http://www.time.com/time/world/article/ ... z1wPTKJTE4

[Ogopogo]

http://www.jpost.com/International/Arti ... ?id=277803

New cyber espionage virus found targeting Iran
By REUTERS
07/17/2012 17:20
Dubbed the "Mahdi campaign" by security experts, the software is the first to be written in Farsi, stole info from around the Mideast.
Cyber warfare [illustrative] Photo: Ho New / Reuters

BOSTON - Security experts have uncovered an ongoing cyber espionage campaign targeting Iran and other Middle Eastern countries that they say stands out because it is the first such operation using communications tools written in Persian.

Israeli security company Seculert and Russia's Kaspersky Lab, said on Tuesday that they identified more than 800 victims of the operation. The targets include critical infrastructure companies, engineering students, financial services firms and government embassies located in five Middle Eastern countries, with the majority of the infections in Iran.
Related:

Ya'alon hints at Israeli role in 'Flame' virus
Expert: 'Flame' can sabotage computers, attack Iran

Seculert and Kaspersky declined to identify specific targets of the campaign, which they believe began at least eight months ago. They said they did not know who was behind the attacks or if was a nation state.

"It's for sure somebody who is fluent in Persian, but we don't know the origin of those guys," said Seculert Chief Technology Officer Aviv Raff.

The Mahdi Trojan lets remote attackers steal files from infected PCs and monitor emails and instant messages, Seculert and Kaspersky said. It can also record audio, log keystrokes and take screen shots of activity on those computers.

The firms said they believed multiple gigabytes of data have been uploaded from targeted machines.

"Somebody is trying to build a dossier of a larger scale on something," Raff said. "We don't know what they are going to do at the end."

Researchers have previously said that nation states were almost certainly behind the Flame virus, which was discovered earlier this year, and Duqu, which was uncovered in 2011.

Seculert and Kaspersky dubbed the campaign Mahdi, a term referring to the prophesied redeemer of Islam, because evidence suggests the attackers used a folder with that name as they developed the software to run the project.

They also included a text file named mahdi.txt in the malicious software that infected target computers.

[J.B. Stone]

FU*K IRAN.....!!!

[mindyrbusiness]

20 nations plan anti-mining exercise in Mideast, US says
http://global.fncstatic.com/static/PersianGulf.jpg
July 4, 2012: In this photo provided by the U.S. Navy, the USS Ponce transits the Persian Gulf en route to Bahrain, according to the U.S. Navy. (AP/US Navy)

Published July 17, 2012
Associated Press
n a move to bolster military strength against Iran, 20 nations will stage an anti-mining exercise in Mideast waterways.

Defense Department press Secretary George Little said the large minesweeping exercise Sept. 16-27 is a defensive drill and is "not ... aimed to deliver a message to Iran."

But Iran has threatened to close the Strait of Hormuz, the route for one-fifth of the world's oil, in retaliation for international sanctions over Tehran's nuclear program.

The upcoming exercise will focus on "a hypothetical threat from an extremist organization to mine the international strategic waterways of the Middle East, including the Red Sea, the Gulf of Aden, the Gulf of Oman, and the Persian Gulf, although exercise activities will not extend into the Strait of Hormuz," U.S. Central Command said in a statement.

"This is a defensive exercise aimed at preserving freedom of navigation in the international waterways of the Middle East and aimed at promoting regional stability," Little told Pentagon reporters on Tuesday.

Word of the exercise follows Monday's announcement that a second U.S. aircraft carrier will be sent to the region in September -- several months earlier than planned -- to ensure there will be two carriers in the region through early next year. The Pentagon also recently doubled the number of minesweepers in the region. And it sent the USS Ponce, an amphibious transport dock recently retrofitted to become what is known as an afloat forward staging base.

The buildup comes amid a stalemate in talks over Iran's nuclear program, which Tehran says is for peaceful purposes and other nations fear is to develop a nuclear weapon.

The exercise will practice mine countermeasures in multiple waterways. It will demonstrate "the international community's ability to work together to ensure free and secure trade," said Gen. James Mattis, commander for the region.

"Of the approximately 40 bilateral and multilateral exercises we'll conduct this year, this exercise also represents the extensive cooperation we enjoy with our international partners -- both in and outside the region -- with mutual economic and security interest," Mattis said.

Officials declined to name the other nations participating, saying they should identify themselves.

Read more: http://www.foxnews.com/politics/2012/07 ... z20zVATg8M