Anti-Virus Makers: U.S. May Have Developed Three Other Cyber Warfare Viruses

Reuters reports that researchers at anti-virus makers Symantec Corp and Kaspersky Lab have uncovered evidence of three previously undocumented computer viruses on systems in Lebanon and Iran, possibly developed by the United States for espionage or cyber warfare. Previous reporting from the New York Times tied the development of another virus, Stuxnet, to a joint U.S.-Israeli campaign against the Iranian nuclear program code-named Olympic Games.

The new viruses are linked to Flame, another previously identified virus also allegedly connected to Olympic Games, via a program called Newsforyou that masquerades as a web content management system:

“Newsforyou handled four types of malicious software: Flame and programs code-named SP, SPE and IP, according to both firms. Neither firm has obtained samples of the other three pieces of malware.

Kaspersky Lab said it believes that SP, SPE and IP were espionage or sabotage tools separate from Flame. Symantec said it was not sure if they were simply variations of Flame or completely different pieces of software.”

The digital era has dramatically changed the tactics available to countries engaging in espionage and sabotage, but cyber warfare raises its own set of new moral questions.

Deploying targeted malware to crash centrifuges is arguably preferable to more destructive and life-threatening military strikes or targeted assassinations, but it raises other key questions: by developing these kinds of cyber weapons, is the U.S. providing intellectual cover to hostile nations developing similar programs? And what happens when these weapons make their way into the digital wild?

The latter has already happened: While there isn’t any known damage due to domestic infections, as early as 2010 Symantec reported 1.56% of Stuxnet infections were on U.S. computers. At least one Stuxnet infection of a critical infrastructure system resulted in the deployment of the Department of Homeland Security’s Industrial Control Systems Computer Emergency Readiness Team (ICS-CERT).

As to the first question: The Department of Homeland Security’s emergency cyber-responder team has “seen a three-year surge in cyberattacks” on American critical infrastructure, reporting in June “a 20-fold leap in the number of incidents since the team was created in 2009.”