MiniFlame Virus Allegedly Released by U.S. Government

By | Oct 22, 2012

The latest virus to be discovered in ongoing cyber warfare between the U.S. and Iran, the "MiniFlame" is a "surveillance" super virus designed to perform surgical strikes on computing systems. Researchers have suggested that both this new virus and the previously released Flame virus have the same source. While Flame is being used to gain initial intelligence, the MiniFlame is deployed for closer scrutiny. The MiniFlame is a high-precision tool that was created to attack "high value targets" internationally.

Cyberspace seems to be the frontier in which a somewhat silent battle is playing out. The U.S. and the Israelis are developing cyber tools to gather valuable intelligence on nuclear programs as talks of military strikes against Iran intensify. Evidence of this has been found by the Iranians, and, according to Kaspersky (a Moscow-based Internet security firm), this brewing cyber feud should be of great concern to governments and businesses alike.

Cyber War Brewing

One of the most well-known of these U.S.-Israeli-built cyber weapons is Stuxnet, which was developed for the purpose of launching cyber attacks against the Iranian nuclear infrastructure. The super worm accomplished this task remarkably, having affected some 1,000 Iranian centrifuges. According to Wired, this intrusion was discovered in 2010 by the Iranian cyberspace department. The toll of this infection was about 100,000 computers in countries such as Lebanon and Iran.

By the time of this discovery, Flame and Gauss had already been unleashed. Unlike Stuxnet, Flame and Gauss are powerful and highly sophisticated cyber-espionage tools with more advanced capabilities. Flame is able to retrieve screenshots of a computer and even record audio conversations that take place in the vicinity of an infected machine. It can also intercept keyboard inputs and wipe out data remotely. Iran, on the other hand, has been accused of masterminding a number of cyber attacks on U.S. interests, including a recent attack on major banks that included JP Morgan Chase and Bank of America.

According to eWeek, researchers from Kaspersky and Symantec have noted that MiniFlame can work together with viruses like Flame and Gauss to extract data. Despite the fact that security experts are uncovering these viruses at an alarming rate, there is still a significant number of businesses that are not aware of this disturbing trend. Importantly, small and midsize businesses tend to be less familiar with emerging security threats when compared to their larger counterparts.

Why Midsize Businesses Should Be Concerned

It's very important for midsize businesses to be aware of the significant risks and threats of cyber warfare. Small and midsize businesses have less to work with when it comes to security and, therefore, are more vulnerable when faced with advanced cyber threats.

News of the Flame and similar viruses has demonstrated to industry players the complexity of these cyber weapons. These events also indicate that government cyber-security priorities are very different from the concerns of the enterprise community.

To slip into targeted computer systems, Flame utilized a Windows update feature, thereby exposing Windows users worldwide, including those here in the U.S. Interestingly, this was done by government agencies, without notice to the public or Microsoft. Actions like these have important ramifications for small and midsize businesses because Windows-based computers are still the most popular desktop computing systems at small and midsize firms.

IT managers at midsize firms can no longer leave it up to Microsoft, or other major third-party technology vendors, to provide bulletproof procedures for updates and security patches. These procedures may be exploited not just by cyber criminals and cyber terrorists but even by government agencies.

The government already has extensive information on most businesses, including tax and financial data. Now that the government is also in the business of creating malware, the enterprise community is facing unprecedented security exposure in a cyber war that is likely to be around for a while.

In this chaotic cyber environment, with trends such as the cloud and virtualization making security more complicated, it is ultimately the responsibility of IT managers at midsize firms to maintain the integrity and security of data within a company. Therefore, IT managers must be aware of the evolving nature of a form of warfare in which the actors have the most advanced cyber weapons at their disposal.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.