New research from Symantec shows that government spy technology called Regin infiltrates the computers of small businesses and individuals using a Microsoft “back door” – or would that be back “window”?
The global Regin “hit list” belies the intelligence agencies’ claims that their spying is limited to missions of national security. Nearly half of those targeted were private individuals and small businesses, according to Symantec. The other half included telecom providers, energy companies, airlines, research institutes and the hospitality industry.
The discovery of the program, which takes over entire networks, came just days before the United Nations adopted a major resolution condemning unlawful and arbitrary government surveillance. The document calls on states to align their surveillance practices with international human rights law, make the frameworks under which they operate publicly accessible and provide victims with opportunities for redress.
And who lobbied hard and unsuccessfully to weaken the resolution’s language? The United States and its “Five Eyes” spying alliance, which includes the U.K., Canada, Australia and New Zealand. Demonstrating just how resistant those nations are to limits on cyber-spying, the Five Eyes argued against provisions in the U.N. statement that called for an end to indiscriminate electronic surveillance.
It’s little wonder, when you understand how powerful the Regin malware is. It is so sophisticated that researchers concluded it could only have been created by nation states. It disguises itself as common Microsoft software while stealing data from infected computers, and deploys its payloads in stages to avoid detection.
Symantec’s researchers call it a “top tier espionage tool” on par with Stuxnet, the U.S.-Israeli virus responsible for sabotaging nuclear centrifuges at Iran’s Natanz facility in 2009. That malware exploited unpublished vulnerabilities, called “0days,” in Microsoft’s Windows operating system, which allowed it to infect thousands of machines in over 100 countries around the world.
But upon dissecting its code, researchers found Stuxnet’s mission was narrowly targeted at industrial control systems like the kind running inside Iran’s nuclear facility. Even then, the virus reportedly had to be physically implanted via USB sticks by Israeli double agents, believed to have been recruited from the Iranian dissident group Mujahedeen-e-Khalq (MEK).
But while Stuxnet was a tool of sabotage, Regin was explicitly designed for spying …
on folks just like you!