Tuesday, November 20, 2012

French Officials Accuse US of Hacking Sarkozy's Computers, Attacks Bear Hallmarks of "Flame"

From The Hill (11/20/2012; emphasis is mine):

Report: French officials accuse US of hacking Sarkozy's computers

The United States used U.S.-Israeli spy software to hack into the French presidential office earlier this year, the French cyberwarfare agency has concluded, according to the newsmagazine l'Express.

The magazine reported late Tuesday that the computers of several close advisers to then-president Nicolas Sarkozy – including Chief of Staff Xavier Musca – were compromised in May by a computer virus that bears the hallmarks of Flame, which was allegedly created by a U.S.-Israeli team to target Iran's nuclear program. Anonymous French officials pointed the finger at the United States.

“You can be on very good terms with a 'friendly' country and still want to guarantee their unwavering support – especially during a transition period,” an official told the magazine. The alleged spying attack took place a few days before the second round of the French presidential elections, which Sarkozy lost to Francois Hollande, a socialist.

Homeland Security Secretary Janet Napolitano reportedly did not deny the allegations when asked point-blank about them.

“We have no greater partner than France, we have no greater ally than France,” Napolitano reportedly answered, at the opening of an interview with l'Express. “We cooperate in many security-related areas. I am here to further reinforce those ties and create new ones.”

In the interview, Napolitano also said that the Flame and Stuxnet viruses had “never been linked to the U.S. government.”

The White House did not return a request for comment from The Hill.

I remember there was a little noted piece of news earlier this month that the oil giant Chevron admitted that their system was infected with Stuxnet.

From CNET (11/8/2012):

Stuxnet, the sophisticated computer virus that attacked a nuclear enrichment facility in Iran two years ago, also inadvertently infected Chevron's network.

Reportedly created by the U.S. and Israel, the highly destructive worm was designed to infect Iran's Natanz nuclear facility. Rather than steal data, Stuxnet left a back door meant to be accessed remotely to allow outsiders to stealthily knock the facility offline and at least temporarily cripple Iran's nuclear program.

The oil giant discovered the malware in July 2010 after the virus escaped from its intended target, Mark Koelmel, Chevron's general manager of the earth sciences department, told The Wall Street Journal.

"I don't think the U.S. government even realized how far it had spread," he said. "I think the downside of what they did is going to be far worse than what they actually accomplished."

A Chevron spokesperson told CNET that the company's network was not adversely affected by the virus.

"Two years ago, our security systems identified the Stuxnet virus. We immediately addressed the issue without incident," a Chevron representative said.

What does Stuxnet have to do with Flame? It turns out that they share the same source codes, according to Computerworld (6/11/2012):

The two pieces of malware -- Flame for reconnaissance, Stuxnet for attack -- each included a module that appears to originate from the same source code, likely written by a single programmer.

Persistent comments that Fukushima I Nuke Plant was infected by Stuxnet don't seem to take into account, though, that their network system hadn't been quite brought up to speed in the PC era, not advanced enough to get infected.


JAnonymous said...

LOL, to think that a simple attack like Flame or stuxnet (eventhough they use 0-day attacks, they are easily countered by isolating the networks or better, getting rid of windows) could succeed on Sarkozy's friend speaks a lot about the cybersecurity culture nowadays. Nobody gives a damn, and it always only happens to someone else.

Now, about Fukushima, I have a very good friend who used to be a system administrator at Daiichi, and who told me that the hardware there is stuck at 70s/80s level and not allowed to evolve, for safety reasons. That means they order custom-made parts for repair (sounds like a golden amakudari company opportunity to me)... That means they probably don't have windows computers linked to industrial control machines at all. Which probably wouldn't be Siemens anyway (I'd bet on Mitsubishi).

arevamirpal::laprimavera said...

I don't know if they had computers for control. If they did, DEC mini or Hitachi mainframe? Or PC with MS DOS... LOL. They at least got that right - safety.

Anonymous said...

Back to thyroids...
The chief of radiation control agency at the time of Tchernobyl has been cleared of accusations of deceit / aggavated fraud, in lack of reliable proof.
Beware when you see a judge.

Anonymous said...

I remember reading several articles where the supposedly U.S. admitted they made Stuxnet. I think one of the articles was by the New York Times.

Post a Comment