‘Nation’ behind spying software

As reported in 'The Japan News' : The Associated Press, SAN FRANCISCO (AP) — Cyber-security researchers say they’ve identified a highly sophisticated computer hacking program that appears to have been used by an as-yet unidentified government to spy on banks, telecommunications companies, official agencies and other organizations around the world. The malicious software known as “Regin” is designed to collect data from its targets for periods of months or years, penetrating deep into computer networks while covering its tracks to avoid detection, according to analysts at Symantec, the Silicon Valley security firm that disclosed the program’s existence in a report this week. Citing factors including its complexity and the likelihood it took years to develop, Symantec security manager Vikram Thakur said Monday, “We think it could not have come from anybody except an extremely well-funded, organized nation state.” Unlike malware that’s been used to hack into retailers’ payment-processing systems, the Regin program isn’t focused on collecting large volumes of credit card numbers or other financial account information, he added. Instead, it’s more precisely targeted and can be used to collect screenshots, copy deleted files, steal passwords and monitor digital communications — including mobile phone calls. Evidence from contaminated computers shows the malware has been used since at least 2008, with half the known cases discovered in Russia and Saudi Arabia, Symantec said. Based on its design and behavior, experts at Symantec and other firms said they don’t believe it was developed in Russia or China, two countries that are often blamed for cyber-attacks around the world. Reports on two online news sites, Wired.com and The Intercept, cited circumstantial links to suggest the program was used in European cyberattacks that the former National Security Agency contractor Edward Snowden has blamed on U.S. and British intelligence agencies. Without drawing that conclusion, researchers at Symantec Corp. and other firms said Regin’s design was reminiscent of a sophisticated program known as Stuxnet, which The New York Times and The Washington Post have reported was developed by U.S. and Israeli agencies. When asked about the reports, a spokeswoman for the NSA said, “We are not going to comment on speculation.”Speech