US tied to cyberattacks on EU, Belgium

Cyberattacks on the European Union, a Belgian telecommunications company and a Belgian cryptographer are now being tied to the sophisticated malware exposed yesterday as the centerpiece of a country’s intelligence program, according to security research firms and an analysis by surveillance policy news site The Intercept.

British and U.S. intelligence agencies are thought to be behind the technology, known as Regin.

Security research firm Symantec first disclosed the existence of Regin, calling it “groundbreaking and almost peerless.”

The malware is almost untraceable, using a complex five-step infection process.

Once embedded, Regin gives its controller the ability to grab screenshots, take over a computer’s mouse, lift passwords, scan emails, track phone calls, monitor network traffic and retrieve deleted files.

And it’s believed Regin is the malware behind National Security Agency (NSA) cyber campaigns on the European Union and the Belgian telecom firm Belgacom.

Those cyberattacks were revealed in documents leaked by former government contractor Edward Snowden, The Intercept reported. The NSA’s methods were not known at the time.

After the discovery of Regin, The Intercept was able to tie the malware’s characteristics to the attacks.

Ronald Prins, the security expert who removed the malware from the telecom company’s networks, told The Intercept that Regin was “the most sophisticated malware” he had ever worked on.

And after reviewing the leaked documents regarding the cyber campaign, Prins added he was “convinced” British and American intelligence agencies were using Regin.

Anonymous sources also told The Intercept that Regin matched the malware that had been detected on EU computer networks. A 2013 report from German news organization Der Spiegel found the NSA had compromised the EU’s network.

Security research firm Kaspersky Labs also tied Regin to a cyberattack on Belgian cryptographer Jean Jacques Quisquater.

The firm has been tracking the malware for two years. One of Regin’s main traits, researchers said, is that it targets cell network operators to establish a base for future attacks on mobile devices.

These network operators normally have mechanisms for law enforcement to track suspects, Kaspersky researchers said. But “other parties can hijack this ability and abuse it to launch different attacks against mobile users.”

Which is what it appears those using Regin were doing.

“They could have had access to information about which calls are processed by a particular cell, redirect these calls to other cells, activate neighbor cells and perform other offensive activities,” Kaspersky researchers said.

“At the present time, the attackers behind Regin are the only ones known to have been capable of doing such operations,” they added.


Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

 
