HUA HIN, Thailand - Security
researchers this week have discovered a conclusive
link between the notorious Stuxnet worm that
disabled Iran's nuclear centrifuges in 2010 and
the recent Flame data-mining espionage malware
that also targeted computers in the Middle East.
The revelation from Moscow-based Kaspersky
Labs ties Flame to the Israeli and US governments,
which reportedly designed and deployed Stuxnet in
order to sabotage the Iranian nuclear program.
Senior researchers at the security firm
stated "We're very confident that the Flame team
shared some of their source code with the Stuxnet
group ... It's conclusive proof that the two
worked together, at least once."
The
timelines of both pieces of software were
dissected and it
was exposed that the
first variant of Stuxnet appeared in June 2009,
not in mid-2010 as was previously thought. Flame
however predates this by at least a year and
researchers traced it back to mid-2008, or
possibly earlier.
Both pieces of malware
contain a module that appears to originate from
the same block of code which was used to infect
Windows computers via USB drives - a vulnerability
patched by Microsoft in 2009.
A new
"zero-day" exploit had been discovered in the
initial variant of the worm dubbed Stuxnet.A,
which appeared in mid 2009 and operated quietly
under the radar of internet security firms. Zero
day refers to an attack that exploits a previously
unknown and un-patched vulnerability - Stuxnet
used at least five of them, which confirms its
unprecedented level of sophistication.
Stuxnet.A contained a portable executable
encrypted dynamic-link library file module known
as "Resource 207", which, Kaspersky researchers
claim, shares code with today's Flame malware.
Stuxnet.B, which emerged in mid-2010, did not
contain the code, which is primarily responsible
for distribution of the malware from machine to
machine via USB thumb-drives by exploiting the
Windows auto-run function.
The research
suggests that Flame, the precursor to Stuxnet, was
sponsored by the same wealthy and tech savvy
entity or state, which required espionage malware
to gather data on the targets before executing
such a technologically advanced surgical strike.
The digital barrage continued after
Stuxnet; another data mining variant, dubbed Duqu,
(See Duqu
returns to Iran, Asia Times Online, November
19, 2011) made it into Iranian computer systems in
November 2011, and earlier that keylogging malware
called Stars was discovered on computers in Iran.
Security experts have estimated that the
Flame attack would have required the equivalent of
US$200,000 of computing time to fraudulently
acquire a rogue Microsoft digital security
certificate allowing them to pose as the software
giant for long enough to infiltrate computer
networks. Exploiting secure sockets layer (SSL)
was the method of attack for Flame.
The
source code similarities, finances required and
level of sophistication involved in all of these
cyber-attacks are all pointing in one direction -
West.
Hardware Apple this week
revealed a new line of MacBook Pros. The all new
slim-line 15" laptop features a stunning 2880x1800
Retina screen, quad core Intel i7 CPU, solid state
storage, and Nvidia GeForce discrete graphics.
Also stunning though is the price, starting at
$2,200 rising to $2,800 for the top of the range
model.
The company is boasting the
delights of the display, claiming it to have the
world's highest resolution notebook display with
over 5 million pixels (3 million more than a full
HD Television). Missing from the super machine
though is an optical drive, as Apple believes
users should be doing everything in their "cloud"
now and should have no further need for a DVD or
CD read/writer.
Also presented at the
company's annual developers conference this week
was a preview for the next version of its desktop
operating system, OS X 10.8 Mountain Lion, which
will be available as a $20 upgrade in July.
Apple's mobile operating system was also given a
beta upgrade, iOS 6 will have over 200 new
features including enhancements to Siri, the
virtual assistant, and new mapping apps to rival
Google's.
Mobile Google's
Android army continues to march forward and gain
strength, with the company announcing that there
are now more than 900,000 devices using Android
software activated every day. Android's chief
architect, Andy Rubin, did not provide a breakdown
for this figure, which includes tablets,
smart-phones, e-readers, netbooks, and other
devices that run the mobile operating system.
That impressive statistic compares to
around 500,000 devices per day at the end of June
last year, and 850,000 per day at the end of
February, according to Twitter messages from
Rubin.
Industry analyst IDC claims that
first-quarter shipments of Android smart-phones
were up 145% on the same period in the previous
year, giving Google's mobile operating system a
smart-phone market share of 59%.
IDC
predicts a 61% market share for Android handsets
by the end of this year, increasing through to
2016 whereupon it has been forecast to fall off at
the expense of Windows Phone.
Martin
J Young is an Asia Times Online correspondent
based in Thailand.
(Copyright 2012
Asia Times Online (Holdings) Ltd. All rights
reserved. Please contact us about sales,
syndication and
republishing.)
Head
Office: Unit B, 16/F, Li Dong Building, No. 9 Li Yuen Street East,
Central, Hong Kong Thailand Bureau:
11/13 Petchkasem Road, Hua Hin, Prachuab Kirikhan, Thailand 77110
