Symantec has claimed to come across THE most sophisticated and smartest malicious software ever which, according to the cyber security firm, has been used on a wide range of targets around the world for snooping purposes for almost six years now. The bug called Regin has affected telecom companies based in Russia, Ireland and Saudi Arabia most severely.
Sian John, a security strategist at Symantec, said that it looked like a piece of smart work and believe that the developers must have taken several months on developing it. He also said it seemed to be coming from a Western organization, probably developed by a “nation-state” as a tool for cyber espionage. The security officials anywhere are refraining from giving such categorical statements.
“It’s dangerous to assume that because the malware has apparently been used in a given country, it did not originate there,” the person said. “Certain states and agencies may well use tools of this sort domestically.”
Regin is highly reminiscent of ‘Stuxnet’ worm which was developed by hackers backed by US and Israel governments to snoop into the Iranian nuclear program. The Stuxnet which had then been billed as the most sophisticated computer malware in the world pales in comparison with Regin, which is said to be a huge advancement over it and extremely difficult, if not impossible, to detect- probably the reason it went unnoticed for six long years.
“Nothing else comes close to this . . . nothing else we look at compares,” said Orla Cox, director of security response at Symantec, who described Regin as one of the most “extraordinary” pieces of hacking software developed, and probably “months or years in the making”.
“We are probably looking at some sort of western agency,” Ms Cox said. “Sometimes there is virtually nothing left behind – no clues. Sometimes an infection can disappear completely almost as soon as you start looking at it, it’s gone. That shows you what you are dealing with.”
Meanwhile, Eugene Kaspersky, chief executive of Kaspersky Labs, warned that the computer networks that control energy plants and factories are becoming targets for organised crime gangs armed with skilled hackers. He said there was evidence of “more and more very targeted attacks” of the networks that run industrial companies.
Cyber security is now becoming a sensitive topic for businesses and other establishments where confidentiality of data is highly essential. There have been high profile data breaches at US bank JPMorgan and US retailer Home Depot in the recent past besides the much publicized incident of Europol smashing a drug ring which had been hacking the control systems at Antwerp, a Belgian port, to allow containers holding drugs to get in or out of the country without being noticed by the highly vigilant customs inspectors.