NEW YORK: An “extremely complex” and “stealthy” spying program has been stealing data from ISPs, energy companies, airlines and research-and-development labs, a security company has said.
With a “degree of technical competence rarely seen”, Regin had probably taken years to develop. The program had been used in “systematic spying campaigns” over the past six years. Regin slowly infiltrated its targets, taking care at each stage to hide its tracks, the company said.
“Many components of Regin remain undiscovered and additional functionality and versions may exist.” Reports say “Its design makes it highly suited for persistent, long-term surveillance operations against targets.”
Jason Steer, director of technology strategy at security firm Fire Eye, said: “These types of toolkit have existed for a few years now.” He added: “It’s a challenge to the whole security industry as to how they find these malicious and sophisticated pieces of code,”
Security firms were better at spotting such things even though Regin and its ilk were built to fool modern-day tools that look for malicious programs and monitor activity to spot anything suspicious. The techniques Regin used to sneak on to a network and communicate with its creators were very complicated, he said.
Mr Steer said the tip-offs about Regin and similarly sophisticated threats often came from government agencies who kept an eye on the cyber spying capabilities of both friendly and hostile nations.
