Malware Wars: Software Vendor Claims CIA and NSA Infiltrated Microsoft
June 20, 2012
According to Mikko Hypponen, chief research officer of antivirus and security software vendor F-Secure, U.S. intelligence infiltrated Microsoft’s core Windows and application development programming teams in order to spread the Stuxnet, Duqu and Flame viruses.
A screen capture of a Windows error message on Iran’s Bushehr nuclear power plant’s map.
“The announcement that links Flame to Stuxnet and the conclusive proof that Stuxnet was a US tool means that Flame is also linked to the US government,” Hypponen told PC Pro last week.
“This makes you think that this breach of Microsoft’s update system was done by the Americans and most likely a US agency, someone like the NSA,” Hypponen said. “That must make Microsoft mad as hell that its most critical system, used by 900 million of its customers, was breached by fellow Americans.”
Although the NSA has worked with Microsoft in the past, Hypponen does not believe the software giant collaborated with the NSA and the CIA to exploit its own operating system.
“I don’t think Microsoft was in on it, that it was helping the US government and I don’t believe that because it looks very bad for Microsoft. I find it very hard to believe that Microsoft’s top management would have approved that,” he said.
“It’s plausible that if there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off, just as they would in any other undercover operation. It’s not certain, but it would be common sense to expect they would do that.”
In 2003, it was speculated that the CIA had worked with Microsoft to build a backdoor for intelligence purposes in its software. In 2009, the NSA and the Defense Department worked with Microsoft on Windows 7 security measures.
“The key problem is that NSA has a dual mission,” Marc Rotenberg, the executive director of the Electronic Privacy Information Center, said at the time.
Following the revelation that the NSA was illegally collecting vast amounts of data on American citizens via the internet, Michael McConnell, then Director of National Intelligence, said the U.S. government should have unlimited and warrantless access to U.S. citizens’ Google search histories, private emails and file transfers.
Earlier this week it was reported that the U.S. and Israel collaborated on the sophisticated Flame virus which they unleashed on Iran’s oil industry and its nuclear program. Experts now believe Flame was built by the “same nation-state responsible for the Stuxnet virus that targeted Iran’s nuclear power plant in 2010. Many suspect Stuxnet was the work of Israeli intelligence,” Fox News reported.
The CIA, the NSA and the Office of the Director of National Intelligence, as well as the Israeli Embassy in Washington, declined to comment.
Kaspersky Lab researchers discovered a link between the two viruses earlier this month. Both take advantage of infected machines by exploiting a Windows flaw to launch the “autorun” feature.