WASHINGTON – The CIA and the IDF
jointly developed the sophisticated Flame
computer virus that gathered intelligence in preparation for cyber-sabotage aimed at slowing Iran’s
ability to develop a nuclear weapon, the Washington Post quoted Western officials as saying.
The officials told the newspaper that the massive piece of malware secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign.
The report was published overnight Wednesday (Israel time), shortly after Iran and the six world powers blamed
each other for deadlock at talks on Tehran's nuclear program.
Late on the second and final day of talks in Moscow, diplomats said negotiators were still far from agreement on Iranian work which the United States, China, Russia,
and Britain fear may be aimed at building nuclear arms.
According to the Washington Post, there has been speculation that Washington had a role in developing Flame, but the collaboration on the virus between the United States and Israel
has not been previously confirmed.
“This is about preparing the battlefield for another type of covert action,” one former high-ranking US intelligence official told the newspaper. He added that Flame and the Stuxnet virus were elements of a broader assault that continues today.
“Cyber-collection against the Iranian program is way further down the road than this,” he said.
Experts told the Washington Post that the Flame virus was designed to replicate across even highly secure networks, then control everyday computer functions to send secrets back to its creators. The code could activate computer microphones and cameras, log keyboard strokes, take screen shots, extract geolocation data from images, and send and receive commands and data through Bluetooth wireless technology.
Flame was designed to do all this while masquerading as a routine Microsoft software update; it evaded detection for several years by using a sophisticated program to crack an encryption algorithm, according to the experts.
Officials familiar with US cyber-operations and experts who have scrutinized its code told the Washington Post that Flame was developed at least five years ago as part of a classified effort code-named Olympic Games.
The report said the US-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.
The Washington Post said that despite their collaboration on developing the malicious code, the US and Israel have not always coordinated their attacks. Israel’s April cyber attacks on Iran’s Oil Ministry and oil-export facilities caused
only minor disruptions. The episode led Iran to investigate and ultimately discover Flame.
"Some US intelligence officials were dismayed that Israel’s unilateral incursion led to the discovery of the virus, prompting countermeasures," according to the report.