Specialists at Iran’s National Computer Emergency Response Team (MAHER) have identified Flame as the main cause behind the theft of a vast volume of information over the past few weeks. MAHER maintains that the malware is of the same nature as Duqu and Stuxnet, although much more complex.
IT-Analyze published an article discussing security firm Kaspersky’s analysis of Flame, stating that the malware appears to have the ability to turn on the computer’s microphone and record conversations. Also, it can take pictures from certain programs while they are running, remember key-presses, analyze and spy on network traffic, and connect to nearby electronic devices through Bluetooth.
Quoting an American security specialist, IT Analyze states that Flame was most likely produced in the US. The specialist, who chose to stay anonymous, told NBC News that: “This malware has tell-tale signs of connection with US cyber espionage.”
Deputy of IT Organization of Iran said:
“30 countries, including Australia, the Netherlands, Malaysia, and even countries with which we have never had contact, have gotten in touch with Iran’s MAHER, to ask for assistance and tools in countering Flame malware.”
Ismail Radkani, the director-general for management and technical support at the state Information Technology Company, also commented that Iran’s MAHER had successfully identified Flame over a month ago, and had been working on an anti-virus for it since then. It was the Middle-East Online who first announced Iran’s success in finding the anti-virus for the Flame malware.
According to Iran’s Telecommunications News Agency (ITNA), the Iranian IMEN Malware Analysis Laboratory has so far been able to identify two types of Flame malware, and has updated different local anti-viruses accordingly. IMEN’s full analysis, which is set to be published next week, will apparently include new information on this malware.
Supreme Council of Cyberspace
Alireza Shah-Mirzaie, one of the members of the Supreme Council of Cyberspace, spoke about the new council in an interview with Center for Organized Crime (GERDAB). Parts of Mr. Shah-Mirzaie’s interview have been covered by different Iranian news outlets over the past weeks, as well as by Iran Cyber Watch.
Mr. Shah-Mirzaie commented that three points had been important for the Supreme Leader at the time of creating this council: technology (science), content creation, and increase of the private sector’s activities in the field. Shah-Mirzaie added:
“In my opinion, the creation of this Supreme Council has made the private sector’s role clear for officially initiating its activities in this field. Also, there will be consolidated procedures put in place, and so the private sector can invest in the field with more certainty.”
The Council of Ministers now requires all state agencies to exchange and share information, free of cost, on the National Information Network. This new regulation has been implemented based on Article 46 of the Fifth Economic Development Plan (2010-2015) dedicated to the National Information Network.
Deputy Minister of Communications announced that by the end of the second year of the Fifth Economic Development Plan (this year), 60-percent of businesses and households will be connected to the National Information Network.
A letter addressed to the Vice-President of Research and Technology at the Ministry of Science and Technology Research, Director of IT at the Ministry of Health and Medical Education, and the President of Islamic Azad University, officially obliges them to use “.ir” domains for all websites and portals. This new regulation is also based on Article 46 of the Fifth Economic Development Plan and applies to all universities and research centers.
The first National Internet Exhibition is to take place from June 17-20 in Tehran. This event aims to encourage entrepreneurship by exhibiting the country’s capabilities and capacities, which have, in some way, improved the business environment through the existence of the Internet.
Iranian Email Service
In response to users’ concern that some local email service providers require too much personal information, Deputy Minister of Communications said:
“We have alerted the service providers of this issue, and asked them to limit request of personal information as much as possible, in order to increase security.”
On whether or not, for the sake of security, access to foreign hosted email services will be denied once local systems have been set up, Hakim-Javadi commented:
“At the moment, our emphasis is on using Iranian E-mail services mainly for banking systems and the public sector.”
Hakim-Javadi referred users to the website www.iran.ir for all the available local email services. At the time of this week’s Iran Cyber Watch, the mentioned website was inaccessible.
The Deputy of Art at the Ministry of Culture identified the lack of copyright laws as one of the biggest problems faced in the field of computer games production.