SCOTT SIMON, HOST:
This is WEEKEND EDITION from NPR News. I'm Scott Simon. We learn more this week about how countries may be lining up to fight a cyberwar. The New York Times reported that Presidents Bush and Obama both authorized computer attacks against Iran culminating in the Stuxnet virus, which targeted Iranian nuclear facilities. Meanwhile, a U.N. agency raised alarms about another virus, dubbed Flame, which may also have been designed for use against Iran.
NPR's Tom Gjelten reports on what the developments may tell us about political division in the world of cyberwarfare.
TOM GJELTEN, BYLINE: The Flame virus was highlighted in a cybersecurity alert issued by the International Telecommunication Union. Marco Obiso, the I.T.U.'s cybersecurity coordinator, says his organization noticed some malicious software, malware, spreading around the Middle East and asked Eugene Kaspersky, a Russian security consultant, to have his lab study the malware.
MARCO OBISO: There was this indication that there was malware that was wiping out information in the Middle East. This is called wiper, eh? It's a wiping tool, basically. So we asked Kaspersky Lab to further investigate, and then they discovered the Flame.
GJELTEN: The I.T.U. alert said the discovery of the Flame virus underscored the need for global collaboration to tackle cybersecurity threats. Clear enough, but some skeptics are taking a more conspiratorial view of this story. They cite several points. One, the I.T.U. had never before issued a cybersecurity alert like this. Two, as a U.N. agency, the I.T.U. has often reflected the interests of Russia and China, its two most influential members.
The I.T.U. has never called attention to cyberthreats emanating from those two countries. Three, the virus that got the I.T.U.'s attention, Flame, apparently targeted Iran, as Stuxnet also did. Suspicion immediately fell on the U.S. and Israel as the creators. Kaspersky's analysis concluded Flame was created by a government and he called it a highly sophisticated cyberweapon.
After studying descriptions of what the virus was able to do, cyber researcher Jeffrey Carr concluded that Kaspersky's analysis was, in Carr's words, overblown, giving the Flame virus more attention than it warranted.
JEFFREY CARR: Which, to me, lends credence to the possibility of this being, you know, politically motivated.
GJELTEN: One other point: Eugene Kaspersky, the I.T.U.'s main cybersecurity consultant, is himself close to the Russian government. He personally signed on to the I.T.U.'s cybersecurity alert on Flame. A U.S. security consultant anxious to be seen as politically independent might be reluctant to do that. Jeffrey Carr, the author of "Inside Cyber Warfare," says the Kaspersky endorsement highlighted the connection between Russia and the I.T.U.
CARR: Kaspersky has been associated with Russian initiatives for years, and so it's not at all unusual coming from Russia. I don't know that we've ever seen such an endorsement here in the West.
GJELTEN: A congressional hearing this week focused on the I.T.U. and its ties to the Russian and Chinese governments. A senior State Department official and a member of the Federal Communications Commission both expressed alarm over those associations. Lots to fuel suspicions, but the I.T.U.'s Marco Obiso scoffs at the suggestion of any geopolitical significance to the I.T.U.'s new cybersecurity role.
OBISO: We are not interested in geopolitics. The fact that Kaspersky was there has nothing to do with it's a Russian company or an English company or an American company.
GJELTEN: Perhaps. But there is one other point: The leadership of the I.T.U. wants a so-called peace treaty for cyberspace, under which some computer weapons would be outlawed. Russia has been the I.T.U.'s leading advocate in that regard. The United States would be directly affected. Tom Gjelten, NPR News, Washington.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.