“We are going to, of course ,inform member states that there is an unknown payload,” said Marco Obiso, a cyber security coordinator for the U.N.’s Geneva-based International Telecommunications Union, or ITU.
“We don‘t know what exactly it does. We can have some ideas. We are going to emphasize this,” he said.
The ITU issued a warning about Flame shortly after the virus was unveiled by Kaspersky in late May. The agency told member nations that Flame c ould potentially be used to attack critical infrastructure, according to Obiso.
At the time , experts knew only that Flame was a sophisticated espionage tool; they were not certain it could damage computer networks.
Several weeks later, researchers at another security firm, Symantec Corp, confirmed suspicions that Flame was capable of deleting computer data and likely was used to attack Iran in April.
Iran blamed Flame for causing data loss on computers in the country’s main oil export terminal and Oil Ministry. Reports of the data losses prompted the ITU to ask Kaspersky to search for a data-wiping virus, which resulted in its discovery of Flame and Gauss.