“Groundbreaking” state spyware targeted airlines and energy firms by David Meyer.
From the post:
The security firm Symantec has detailed a highly sophisticated piece of spyware called Regin, which it reckons is probably a key intelligence-gathering tool in a nation state’s digital armory. Its targets have included individuals, small businesses, telecommunications firms, energy firms, airlines, research institutes and government agencies.
In a whitepaper, Symantec described Regin as “groundbreaking and almost peerless.” Regin comprises six stages, each triggered by the last, with each (barring the initial infection stage) remaining encrypted until called upon by the last. It can deploy modules that are “tailored to the target.” According to the firm, it was used between 2008 and 2011, when it disappeared before a new version appeared in 2013.
…
See David’s post for the details and the whitepaper by Symantec for even more details, including detection of infection.
Suspects?
UK, US behind Regin malware, attacked European Union networks.
I can’t speak for anyone other than myself but if governments want their citizens to live in a fishbowl, turnabout seems like fair play.
Wouldn’t it be interesting to see non-governmental Regin-like spyware that operated autonomously and periodically dumped collected data to random public upload sites?