- Associated Press - Saturday, June 2, 2012

WASHINGTON (AP) - The Obama administration is warning American businesses about an unusually potent computer virus that infected Iran’s oil industry even as suspicions persist that the United States is responsible for secretly creating and unleashing cyberweapons against foreign countries.

The government’s dual roles of alerting U.S. companies about these threats and producing powerful software weapons and eavesdropping tools underscore the risks of an unintended, online boomerang.

Unlike a bullet or missile fired at an enemy, a cyberweapon that spreads across the Internet may circle back accidentally to infect computers it was never supposed to target. It’s one of the unusual challenges facing the programmers who build such weapons, and presidents who must decide when to launch them.

The Homeland Security Department’s warning about the new virus, known as “Flame,” assured U.S. companies that no infections had been discovered so far inside the U.S. It described Flame as an espionage tool that was sophisticated in design, using encryption and other techniques to help break into computers and move through corporate or private networks. The virus can eavesdrop on data traffic, take screenshots and record audio and keystrokes. The department said the origin is a mystery.

The White House has declined to discuss the virus.

But suspicions about the U.S. government’s role in the use of cyberweapons were heightened by a report in Friday’s New York Times. Based on anonymous sources, it said President Barack Obama secretly had ordered the use of another sophisticated cyberweapon, known as Stuxnet, to attack the computer systems that run Iran’s main nuclear enrichment facilities. The order was an extension of a sabotage program that the Times said began during the Bush administration.

Private security researchers long have suspected that the U.S. and Israeli governments were responsible for Stuxnet. But the newspaper’s detailed description of conversations in the Oval Office among Obama, the vice president and the CIA director about the U.S. government’s responsibility for Stuxnet is the most direct evidence of this to date. U.S. officials rarely discuss the use of cyberweapons outside of classified settings.

Stuxnet is believed to have been released as early as 2009. It was discovered in June 2010 by a Belarusian antivirus researcher analyzing a customer’s infected computer in Iran. It targeted electronic program controllers built by Siemens AG of Germany that were installed in Iran. The U.S. government also circulated warnings to American businesses about Stuxnet after it was detected.

The White House said Friday it would not discuss whether the U.S. was responsible for the Stuxnet attacks on Iran.

“I’m not able to comment on any of the specifics or details,” White House spokesman Josh Earnest said. “That information is classified for a reason, and it is kept secret. It is intended not to be publicized because publicizing it would pose a threat to our national security.”

Cyberweapons are uncharted territory because the U.S. laws are ambiguous about their use, and questions about their effectiveness and reliability are mostly unresolved. Attackers online can disguise their origins or even impersonate an innocent bystander organization, making it difficult to identify actual targets when responding to attacks.

Viruses and malicious software, known as malware, rely on vulnerabilities in commercial software and hardware products. But it is hard to design a single payload that always will succeed because the target may have fixed a software vulnerability or placed computers behind a firewall.

On the Internet, where being connected is a virtue, an attack intended for one target can spread unexpectedly. Whether a cyberweapon can boomerang depends on its state of the art, according to computer security experts. On that point, there are deep divisions over Flame.

Russian digital security provider Kaspersky Lab, which first identified the virus, said Flame’s complexity and functionality “exceed those of all other cybermenaces known to date.” There is no doubt, the company said, that a government sponsored the research that developed it. Yet Flame’s author remains unknown because there is no information in the code of the virus that would link it to a particular country.

Other experts said it wasn’t as fearsome.

Story Continues →