Foreign Policy publishes GPPi commentary on cyber-espionage worm

GPPi fellow Tim Maurer has co-authored a commentary on the website of Foreign Policy magazine in which he analyzes the cyber-espionage worm Flame, highlighting why it is not the new Stuxnet and how it differs from cyber warfare. Published on 29 May 2012, the article is titled Flame Thrower.

Flame is a mysterious new cyber spy tool that hit the headlines on Monday, May 28. Its code is 20 times larger than Stuxnet, the mysterious computer worm that temporarily crippled Iran’s Siemens nuclear centrifuges. Most of the systems infected by Flame are located in the Middle East, with Iran, Israel, Palestine, Sudan, Syria, Lebanon and Hungary topping the list. Flame stands out in the various ways through which it ​“exfiltrates” data, including surreptitiously recording audio data captured by internal microphones. Unlike Stuxnet, Flame was designed to spy – not destroy.

In the article, Maurer and his co-author, David Weinstein, argue that Flame is not the new Stuxnet, and it is important not to lump them together. However, as Stuxnet and Duqu have shown, the question about Flame is whether the information-sharing was an end in itself or only the means to a future attack that remains to be discovered or launched. Maurer and Weinstein point out that the answer to this question might take a while to uncover.

Maurer’s previous Foreign Policy commentary, The Case for Cyberwarfare, is available here. Other related publications by Maurer include Cyber Norm Emergence at the United Nations and WikiLeaks 2010: A Glimpse for the Future? View both here.