• Home
  • Subscribe
  • Donate to Tikun Olam
  • Comment Rules
  • Contact
  • About

Tikun Olam תיקון עולם

Breaking news on the Israeli national security state

Israel’s New Cyber-Virus Attacks Computers from Iran to Lebanon

October 16, 2012 by Richard Silverstein

24 shares
  • Twitter
  • Facebook24
  • Email
  • Reddit
  • Buffer

computers by country infect by mini flameKaspersky Labs announced today that it had discovered a new cyber-virus it’s calling mini-Flame, used to hack computer systems in the Middle East. The code, a variant of the Flame and Stuxnet computer worms, which have previously been attributed to joint Israeli and U.S. development, penetrated computers in Lebanon, Sudan, Iran, Saudi Arabia, Qatar, and Palestine. It appears, from the precision of the attack and the small number of victims, that those who created it did so as part of a comprehensive cyber-espionage program. With Stuxnet, they cast their net as wide as possible, seeking massive amounts of data from a wide number of computers. They then harvested the data and honed the code so that it went after a smaller, but much higher value set of targets. The report calls mini-Flame a “high precision surgical attack tool.”

The questions that remains unanswered are: precisely whom is it attacking and what specific information it seeks?

Among other things mini-Flame does is to take a “screenshot” of the computers it infects. It sends this image back to the home servers where the hackers can then explore the harvested data.

The list of targeted nations immediately calls Israel to mind as the likely author of the code. It already has a massive covert ops program in place against Iran. Lebanon and Sudan are natural targets because Hezbollah is an Iranian ally and Hamas has reportedly imported arms from Iran via Sudan. Israel has also used its drones to attack reputed Iranian arms convoys headed for Gaza through Sudan.

Qatar is reputed to be a possible future home of Hamas’s government in exile, which was forced to abandon Syria during the civil war. The Gulf state is also a major supporter (along with Saudi Arabia) of the Syrian rebel forces. Israel would certainly have great interest in monitoring developments on all these fronts since the outcome in Syria is of extreme interest to it.

Speaking of regional developments, events in Syria are taking an ominous turn.  Media reports say that Islamist forces are playing an increasing role in the uprising.

Knowing what we know about Israel’s national security and intelligence apparatus, it has to be tremendously active in ensuring an outcome in Syria that is favorable to Israel.  A quiescent government there that plays nicely and doesn’t rock the boat as far as Israel is concerned would be worth its weight in gold.

Iran and Hezbollah too have to have a huge interest in the outcome in Syria since they use the latter as a transhipment corridor for weapons and other valuable items between Iran and Lebanon, which are then used in the fight against Israel.  These erstwhile Assad allies have to realize that his days are numbered and that a new regime will end up in control.

Turkey, as Syria’s most powerful neighbor, will certainly have interests in this outcome that diverge from those of Israel and Iran.  It will be interesting to find out which horses each of these parties are betting on and if those horses perform according to their handicaps.

Keep your eyes out for Syria’s Chalabi.  This will be the horse Israel and the U.S. will want to bet on.  He’s out there for sure among the Syria resistance.

0 0 votes
Article Rating
Richard Silverstein
Website | + posts

Silverstein has published Tikun Olam since 2003, It exposes the secrets of the Israeli national security state. He lives in Seattle, but his heart is in the east. He publishes regularly at Middle East Eye, the New Arab, and Jacobin Magazine. His work has also appeared in Al Jazeera English, The Nation, Truthout and other outlets.

  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Cycle of Blood: Jerusalem Attacker's Palestinian Grandfather, Murdered by Jewish Terrorist
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Bibi Fiddles While Jenin Burns
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    Leading Israeli Security Think Tank Warns of End of US-Israel "Special Relationship"
  • Richard Silverstein
    https://www.richardsilverstein.com/author/to487j/
    IDF Snipers Murder Palestinian Boys

Related

Filed Under: Mideast Peace Tagged With: cyber-warfare, hamas, hezbollah, iran, lebanon, stuxnet, syria

3 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
pabelmont
pabelmont
October 16, 2012 5:45 AM

Richard, which are more dangerous, drone attacks (and drone surveillance) or cyber attacks (or surveillance)?
They both cross international “boundaries” without permission, and both are hard to establish responsibility for. Does KASPERSKY really not know where the mini-Flame is coming from? Wow! If that can be hidden, all one can do is surmise from the character of the code that it is a national source (rather than corporate (?) or small-group or personal). If it is surveillance code, aren’t data being sent SOMEWHERE? Where?

0
Richard Silverstein
Richard Silverstein
Admin
Reply to  pabelmont
October 16, 2012 2:13 PM

Kaspersky doesn’t attribute attacks to specific countries even if they did know. They try to preserve political neutrality. But they honestly told me the origin of the code is unknown at this time.

I think the problem is that the data is being sent back to the C&C servers. But from there they can’t track where it’s sent. That’s my understanding but I’m not technically proficient in this stuff.

0
David
David
October 16, 2012 7:43 AM

The Kaspersky article mentions they found 92 Command & Control servers associated with miniFlame. The article mentions that miniFlame shares the same C&C server platform with the original Flame architecture. Kaspersky has written two papers on this, footnoted at the bottom of the article Richard cited here. One provides details of the hardware/software platform of the servers, and where (and to whom) they were registered:
https://www.securelist.com/en/blog/208193540/The_Roof_Is_on_Fire_Tackling_Flames_C_C_Servers

0
wpdiscuz   wpDiscuz

Donate via Mightycause

Donate via Paypal

Recent Posts

  • Cycle of Blood: Jerusalem Attacker’s Palestinian Grandfather, Murdered by Jewish Terrorist
  • Bibi Fiddles While Jenin Burns
  • Leading Israeli Security Think Tank Warns of End of US-Israel “Special Relationship”
  • IDF Snipers Murder Palestinian Boys
  • Israel’s Anti-Government Protest Quashes Display of Palestinian Flags

Search

  • Facebook
  • Twitter
  • Reddit

Categories

Archives

Pages

  • Photo Gallery
  • Home
  • Privacy Policy
  • Terms of Use

Publications (author page)

  • Middle East Eye
  • The Nation Magazine
  • Al Jazeera
  • Jacobin
  • New Arab
  • Comment is Free
  • Mint Press News
  • Truthout
  • Seattle Times

Mideast Peace

  • Michah's Paradigm Shift
  • Palestine Center for Digital Media
  • Open Hillel
  • Rebuilding Alliance
  • Just Vision
  • A Land for All
  • Palestine-Israel Journal
  • Al Shabaka
  • Shomrim
  • No Tech for Aparteid

Progressive Media

  • Challenging Christian Zionism
  • Vashti Media
  • Canadian Dimension
  • Global Voices
  • Scheer Post
  • Contrary Perspective
  • Jewish Voice for Labour

Meta

  • Log in
  • Entries RSS
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Tikun Olam is fiscally sponsored by Media Alliance, a 501(c)(3) nonprofit organization.

Be a Mensch: Support Tikun Olam!

Thanks for visiting Tikun Olam. It breaks exclusive stories on Israel-Palestine, often not yet published anywhere, including Israel. Please subscribe to new posts–and tell all your friends!

Support my unique work with a tax-deductible donation to Media Alliance, my fiscal sponsor.

You are going to send email to

Move Comment