Reports are emerging of new computer malware that is attacking systems across the world. Morgan Marquis-Boire, Claudio Guarnieri, and Ryan Gallagher report in The Intercept that security analysts say that it has all the hallmarks of being the product of the US and UK governments.
Complex malware known as Regin is the suspected technology behind sophisticated cyberattacks conducted by U.S. and British intelligence agencies on the European Union and a Belgian telecommunications company, according to security industry sources and technical analysis conducted by The Intercept.
Regin was found on infected internal computer systems and email servers at Belgacom, a partly state-owned Belgian phone and internet provider, following reports last year that the company was targeted in a top-secret surveillance operation carried out by British spy agency Government Communications Headquarters, industry sources told The Intercept.
The malware, which steals data from infected systems and disguises itself as legitimate Microsoft software, has also been identified on the same European Union computer systems that were targeted for surveillance by the National Security Agency.
The hacking operations against Belgacom and the European Union were first revealed last year through documents leaked by NSA whistleblower Edward Snowden. The specific malware used in the attacks has never been disclosed, however.
This is not the first time that the US and its allies have been caught engaging in cyberwarfare. Recall the Stuxnet virus that the US and Israel used against Iranian nuclear plants. It turns out that the US and Israel have been caught working on a successor to Stuxnet called Duqu.
Imagine the furor that would have erupted if it had turned out that the malware had been produced by the Russians or Chinese. The US, which had warned other countries against indulging in cyberwarfare, is once again exposed as doing the very things it condemns others for doing. In fact, it is a safe rule of thumb that if the US waxes indignant over something that other nations are supposedly doing, that is a pretty sure sign that they are already covertly doing it.
F [i'm not here, i'm gone] says
This is why we have to be prepared for the “Cyber Pearl Harbor” which we are apparently trying to provoke by sending Cyber Admiral Perry elsewhere.
Great American Satan says
Things to be glad we aren’t accusing others of doing, then: punching babies and slowly lowering puppies into nuclear waste. My list would have been longer, but I’m having trouble thinking of shit more evil than the things we have actually done. (/puuuuuke)
Marcus Ranum says
Meanwhile, from the Department Of Hypocrisy (which has ballooned hugely since 9/11):
http://www.voanews.com/content/danish-man-fined-for-selling-spyware-in-united-states/2534883.html
A U.S. federal court has ordered a Danish man to pay a $500,000 fine for advertising and selling a spyware application to remotely monitor calls, texts, videos and other communications on mobile phones without detection.
Dunc says
The Kaspersky Labs white paper makes for fascinating reading, if you’re interested in this sort of thing.