Latest Snowden leak shows UK, US behind Regin malware, attacked European Union

 

 

regin-symantec

 

Latest Snowden leak shows UK, US behind Regin malware, attacked European Union

By Zack Whittaker
ZDNet.com

eu-flag

(Image: European Commission)

Blame the British and American spy agencies for the latest state-sponsored malware attack, say reporters at The Intercept.

The publication, which in the wake of Glenn Greenwald’s departure from The Guardian continued to publish documents leaked by Edward Snowden, said on Monday the recently discovered malware, known as Regin, was used against targets in the European Union.

One of those targets included Belgian telecommunications company Belgacom, which had its networks broken into by the British spy agency the Government Communications Headquarters (GCHQ).

Regin was first publicly talked about over the weekend after Symantec discovered the “sophisticated” malware, though is understood to have been in circulation since 2008.

Compared to Stuxnet, the state-sponsored malware whose creators have never been confirmed, the recently-discovered trojan steals data from machines and networks it infects, disguised as Microsoft software.

Some began to point the finger at Russia and China, but these were quickly discounted by industry experts. Others suspected the U.S. and Israel — a deal already exists that allows the Middle Eastern allied state to access raw and “unchecked” U.S. collected intelligence.

They weren’t far off. According to Monday’s report, the U.S. working in conjunction with Britain, a European member state (though perhaps not for much longer) attacked Belgacom using the Regin malware.

Though the Belgacom hack was disclosed by Snowden’s leaks, the malware used had never been revealed.

The new details from The Intercept show how GCHQ embarked upon its “hacking mission,” known as Operation Socialist, by accessing Belgacom’s networks in 2010. By targeting engineers through a faked LinkedIn page, GCHQ was able to get deep inside the Internet provider to steal data.

Some of Belgacom’s main clients were the European Commission, the European Parliament, and the European Council of member state leaders.

Exactly how member states of the European Union — there are 28 of them including the U.K. — will react to one of its own member states launching a successful hacking attack against their executive body, remains unknown.

But while members of the Parliament and Commission staff have, over the years, seen the U.S. as one of the greatest threats to the region’s data protection and privacy policies, they should have been looking a little closer to home.