Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Monday - Friday, 4-7 p.m.
In Depth with Francis Rose features daily interviews with top government executives and contractors. Listen live from 4 to 7 p.m. or download his archived interviews on our daily show blogs.
Security firm: New computer virus prowling Mideast
Thursday - 8/9/2012, 3:58pm EDT
LONDON (AP) - A new computer virus tied to some of the most sophisticated cyberweapons thus-far discovered has been found circulating in the Middle East, a Moscow-based computer security company said Thursday. If a link were confirmed, the find would expand the electronic arsenal reportedly deployed by the U.S. and Israel against their rivals in the region.
Kaspersky Lab ZAO said in a statement that the new virus, dubbed "Gauss," was aimed at stealing financial information from customers of a series of Lebanese banks.
The firm said that similarities in coding, structure, and operation meant it could say "with a high degree of certainty" that Gauss was related to "Flame," a sophisticated piece of spyware which prompted an Internet blackout across Iran's oil industry in April, and to "Stuxnet," an infrastructure-wrecking worm whose discovery revolutionized the cybersecurity field.
The statement acknowledged that much remained unclear about the virus's capabilities _ including its ultimate purpose. Kaspersky said that the virus's command-and-control servers were shut down last month, meaning that, for the time being, "the malware is in a dormant state."
Kaspersky outlined several similarities which Gauss shared with Flame, a program which was recently-discovered vacuuming information from computers in Iran. So powerful was the spyware that in late April Iranian officials briefly disconnected the entire country's oil industry _ including the Oil Ministry, energy rigs, and the strategic Khark Island oil terminal _ in a bid to contain Flame's data theft.
Flame in turn has been linked to Stuxnet, an ambitious program aimed at sabotaging uranium enrichment at Iranian nuclear facilities. Stuxnet's discovery in 2010 was of particular interest to cybersecurity professionals because it interfered with the action of German-made centrifuges _ the most high-profile example to date of a computer virus causing physical havoc at an industrial facility.
Recent reports in The New York Times and The Washington Post have tied both Flame and Stuxnet to a secret U.S.-Israeli program aimed at destabilizing Iran's atomic energy program, which many Western countries believe is a cover for the development of nuclear weapons.
It isn't exactly clear how Gauss would fit in to such a program, and Kaspersky acknowledged that stealing money from banks didn't seem like an activity state- backed actors were likely to be engaged in.
Other anti-virus firms were still digesting Gauss's code Thursday.
"People are definitely getting excited about it because of the supposed connection to Flame and Stuxnet," Chris Astacio, of San Diego-based Websense, said in telephone interview. "But without looking at the binary (the raw code of the virus) we can't really comment."
Kaspersky said it was working with the International Telecommunication Union to notify those affected by the infection.
A call and an email to the Geneva-based organization were not immediately returned.
Kaspersky's Q & A on Gauss: http://bit.ly/N9EvcM
Kaspersky's analysis of the virus: http://bit.ly/ThT1hr
(Copyright 2012 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.