The complexity of the latest 'Flame' virus bears the hallmarks of a program engineered by a state, a number of Israeli computer experts believe.
As
details of Flame - the third major virus discovered to have an affinity
to Iranian computer systems in recent years - filtered through the
media, network security experts in Israel, requesting anonymity, studied
the initial reports, and indicated that they believed small groups of
hackers could not be behind the virus.
"This is not a couple of
hackers who sat in a basement," one expert said. "This is a large,
organized system. It is possible that years were invested in creating
it."
A second analyst said that viruses at this level of
sophistication require major capabilities and knowledge of code
development, noting that "these are available only to states. And that's
without mentioning a motive for developing [such a program]."
The
experts believe that a good computer hacker can put together a complex
code made up of thousands of lines, but that when hundreds of thousands
of lines or more are involved, a major organization was far more likely
to be involved.
According to reports, Flame has 100 times more code as a virus designed to steal financial data.
Yet it is not just the size of the code that provides a hint, but also, the knowledge encrypted in the virus on its target.
The
Stuxnet virus, for example, was more than a complex code; it had
detailed knowledge on the Siemens supervisory control and data
acquisition (SCADA) systems, used by Iran to enrich uranium through
spinning centrifuges.
It was this sort of inside knowledge on the
systems that are targeted which provide a hint regarding the type of
programmers involved, the experts argued.
"Even the best hacker
can't write a code that specifically targets control equipment," said
one specialist. "This isn't a person sitting in a basement."