Saudi Arabia has been named as one of a number of Middle Eastern countries that has been targeted by a newly discovered, highly sophisticated virus that has affected as many as 10 computer systems in the Kingdom, according to experts at Russian-based Internet security firm Kaspersky Labs.
The virus, which has become known as "Flame," was detected on Sunday by malware experts at Kaspersky Labs during an investigation prompted by the UN's International Telecommunication Union (ITU) and while researching another unknown destructive virus code named Wiper, which has deleted data on a number of computers in Western Asia.
Flame was reportedly designed to carry out espionage and sabotage and is able to use Bluetooth in devices to retrieve information and record keystrokes from computers, smartphones and tablets as well as connect itself to microphones and eavesdrop on audio conversations.
The malware has been confirmed to be among the same type of malicious software as Stuxnet, which was discovered in July 2010 and targeted control systems of infrastructure projects made by German industrial firm Siemens.
So far, the virus has been detected in computer systems predominately in Iran, with the highest number of systems infected on the globe at 189. Flame has also been detected in systems in the Palestinian West Bank, Egypt, Syria, the United Arab Emirates, Lebanon and some African nations.
"While checking the systems in general, we have found that among the 10 systems affected in Saudi Arabia, the virus is not selecting a specific group to target. We have noticed that mainly private companies, individuals and academic institutions such as colleges and universities are among the infected," Vitaly Kamluk, chief malware expert at Kaspersky Labs in Moscow, said in a telephone interview. Arab News contacted a number of Saudi universities to find out if they were among the affected institutions. However, none of the Computer and Information Science (CIS) or IT departments in the universities contacted had any knowledge of the new virus.
"This is the first thing we heard concerning the outbreak of a new cyber virus," said Manal Al-Farrag, chair of the CIS department at Prince Sultan University College for Women, adding that to her knowledge the college had not been affected but that she would immediately alert the IT department of the threat.
She maintained that the Internet was vastly becoming a major tool in cyber warfare because it had become the most accessible way to gather information and added that Saudi universities might have been targeted because they contain a wealth of information on various research projects in the Kingdom.
"Of course, if you look around you will see virtually everyone with their mobiles, tablets or other electronic devices in hand on a daily basis. Information is usually obtained through subscriptions to new services and through social networking sites, where you will be asked for your email and other personal data. Due to the creation of such a massive databank of information and the openness of the Internet, it has become the easiest means of attacking networks and stealing information," Al-Farrag explained. Experts are yet to be able to pinpoint where the virus originated from. According to Kamluk, his team has so far found that there is not only one source for the virus, but as many as 10 different control centers spread across the globe.
He added that other techniques of finding Flame's creator had been used, such as paying close attention to language modules.
"We have extracted some streaming text in order to look for language traces that could point to its origin. In this case, we found English language being used at a high level, meaning that the virus is coming from an origin with an advanced level of English, as we also found traces of slang being used," he said.
Kamluk also said that upon learning of the Flame virus on Sunday, his team immediately added new signature updates to its security solutions center to protect the international community.
"In efforts of eliminating the spread of this new type of malware, we are also sharing antivirus files and software with other companies and advising governmental agencies, individuals and companies to update their security solutions," Kamluk advised.
He said that based on his team's analysis, the Flame malware had shown to be apprehensive and fearful of antivirus software and other security solutions.
"As the creator does not want to attract attention, we have found that the malware itself actually ejects when confronted with security solutions," Kamluk said, adding that updated antivirus software could scare hackers away.
Saudi Arabia among ME countries targeted by new ‘Flame’ cyber virus
