'America radicalised me!' cries Megaupload founder Kim Dotcom

Plus: 'Let’s face it, most people click yes to Ts&Cs contracts without reading them'

Kim Dotcom at the NZ parliamentary hearing

QuoTW This week’s security scare came in the form of Regin, the highly advanced malware that’s said to be as sophisticated as Stuxnet and Duqu. Symantec researchers were the first to report the evil software, saying:

Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen.

Customisable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organisations, infrastructure operators, businesses, researchers, and private individuals.

It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabilities and the level of resources behind Regin indicate that it is one of the main cyber espionage tools used by a nation state.

Symantec didn’t specify what nation state might be behind the virus, but Kaspersky found that virtually no infections had cropped up in the so-called Five Eyes nations, leading to speculation that Western intelligence agencies could have something to answer for.

The security firm also said:

For more than a decade, a sophisticated group known as Regin has targeted high-profile entities around the world with an advanced malware platform. As far as we can tell, the operation is still active, although the malware may have been upgraded to more sophisticated versions. The most recent sample we've seen was from a 64-bit infection. This infection was still active in the spring of 2014.

The ability of this group to penetrate and monitor GSM networks is perhaps the most unusual and interesting aspect of these operations. In today's world, we have become too dependent on mobile phone networks which rely on ancient communication protocols with little or no security available for the end user. Although all GSM networks have mechanisms embedded which allow entities such as law enforcement to track suspects, there are other parties which can gain this ability and further abuse them to launch other types of attacks against mobile users.

The EU said that its laws on snooping technology exports needed to be updated in light of the Regin super-spyware, after it was revealed that it was used to successfully hack Belgian telco Belgacom, which counts the European Parliament and Commission among its customers. Dutch MEP Marietje Schaake told The Reg:

Our data has been breached by EU-made technology. We would expect companies and governments to work as hard as they can to prevent attacks, to protect their own digital infrastructure and the freedoms of their citizens.

Trading in dangerous technologies that can be used to infiltrate computers, spy on users and threaten both human rights and our own security could be the biggest boomerang we could throw.

German MEP Bernd Lange quizzed the European Commission on when it would put forward a new law, promised since April. He asked:

How does it envisage addressing the specific problem of the export of surveillance technologies from the EU? By means of what concrete measures does it intend to further address the human rights implications outlined in the above-mentioned communication? How does it view proposals to restrict the export of surveillance technologies to a predefined list of countries?

Sponsored: Becoming a Pragmatic Security Leader




Biting the hand that feeds IT © 1998–2019