Sophisticated malware found in Irish telecommunications/internet systems

Impetus · 24-11-2014 2:10pm #1

According to a front page article in today’s Financial Times, Kaspersky Labs has found malware called Regin in computer systems run by internet service providers and telecoms companies mainly in Russia and Saudi Arabia as well as Mexico, Ireland and Iran. They claim that it is more sophisticated than Stuxnet. “Nothing else comes close to this… nothing else we look at compares”.

While the article is peppered with little side show sentences to divert attention from the thought that some 3 or 4 letter British and American snooping agencies are behind Regin, I can’t think of any other government would be interested in attacking the Irish telecommunications infrastructure, aside from GB. The Americans are obviously very interested in Mexico, Saudi, Russia and Iran. According to the article they have been unable to come to a conclusion as to the function of Regin.

Paywalled URL:

http://www.ft.com/intl/cms/s/0/8392d196-7323-11e4-907b-00144feabdc0.html#axzz3JzP08fmB

fcerullo · 25-11-2014 9:57am

The DPC is already involved in an investigation.

There is an article posted in the DPO website.

Fabio

Impetus · 25-11-2014 10:14am

fcerullo wrote: »

The DPC is already involved in an investigation.

There is an article posted in the DPO website.

Fabio

By DPC I presume that you mean Data Protection Commissioner. It seems to me that this is grossly under-funded given the task, with particular reference to the large multi-nationals with data centres based in his jurisdiction.

Do you have a link to the "DPO website" article please?

fcerullo · 26-11-2014 10:53am

here it is:

www dot dpo dot ie/news/view/1290

Fabio

Impetus · 26-11-2014 11:03am

Robert Ballecer and Steve Gibson on Regin malware. Basically it seems to be designed to collect information on people, their travels and whom they know. It is stealing information from mobile phone networks, terrestrial networks, the internet, reservations systems, probably social media etc.

Video: http://www.podtrac.com/pts/redirect.mp4/twit.cachefly.net/video/twiet/twiet0117/twiet0117_h264m_1280x720_1872.mp4
Audio:
http://www.podtrac.com/pts/redirect.mp3/twit.cachefly.net/audio/twiet/twiet0117/twiet0117.mp3

Manach · 26-11-2014 11:52am

I'd echo the comment on the lack of resources by the DPC compared to other EU Jurisdictions and their workload with various IT HQs in Dublin. As well, there was a similar system present in the Greek network a few years ago and AFAIR the authorities never found the culprits.

Impetus · 26-11-2014 7:31pm

More TV on Regin malware - Steve Gibson's own show with Leo Laporte. It looks as if it is a root kit - it's taking people's passwords and encrypting them and sending them as cookies back to Big Daddy. It can also take over the mouse and do mouse clicks. Can take over cellular base station controllers and IIS servers for traffic monitoring. You name it - Regin can do it and it has been around for around 6 years. It infects the registry and Symantec and Kaspersky have recorded its behaviour overe the past few years - not knowing, it would appear, what was going on. Of late, 2 + 2 have been put together to come up with some idea of Regin's nasty capabilities.

http://www.podtrac.com/pts/redirect.mp4/twit.cachefly.net/video/sn/sn0483/sn0483_h264m_1280x720_1872.mp4

Audio only:
http://www.podtrac.com/pts/redirect.mp3/twit.cachefly.net/audio/sn/sn0483/sn0483.mp3

Sophisticated malware found in Irish telecommunications/internet systems

Comments