Ireland has hit the information security headlines after it was revealed to be the third most affected country, accounting for 9% of all cases, of a new backdoor malware discovered by Symantec, which they describe as “groundbreaking and almost peerless”. They’ve named it Backdoor.Regin.

Regin is an extremely complex piece of software that can be customized with a wide range of different capabilities which can be deployed depending on the target. It is built on a framework that is designed to sustain long-term intelligence-gathering operations by remaining under the radar. It goes to extraordinary lengths to conceal itself and its activities on compromised computers. Its stealth combines many of the most advanced techniques that we have ever seen in use.

Regin is more than a piece of malware: it’s an architecture for spying. Symantec describe it as “a multi-staged, modular threat”, and conclude that only a nation-state would have the resources and the motivation to develop such a system.

They’ve compared it to Stuxnet, the malware which sabotaged Iran’s nuclear programme, and which has been speculated to have been developed by the US and Israel.

Which leads us to the question: why Ireland?

It’s another example of “lies, damn lies and statistics”. Symantec say that very few cases of the malware have been found; in fact, Ireland’s 9% global share is accounted for by a single case affecting an unnamed company.

Is it significant that no case has been found in the US?

Probably. If the US government is behind it, they already have plenty of other ways to spy on computer users.


