malware industrial complex

Reagan? No, Regin — Yet Another [GCHQ] Intelligence Malware

Recently, computer security firm Symantec reported discovery of another intelligence-gathering malware, dubbing it “Regin.”

What’s particularly interesting about this malware is its targets:

  • It infected computers in Afghanistan, Austria, Belgium, India, Iran, Ireland, Mexico, Pakistan, Russia, Saudi Arabia;
  • At 48% of total infections, the largest group of targets were private individuals and small businesses.

Please do read Symantec’s blog post and its technical paper on Regin to understand how it works as well as its targets. Many news outlets either do not understand malware and cybersecurity, or they get facts wrong whenever major malware attacks are reported. Symantec’s revelation about Regin is no different in this respect.

Independent.ie offers a particularly exceptional example distorting Symantec’s report, claiming “Ireland is one of the countries worst hit globally by a dangerous new computer virus that spies on governments and companies, according to a leading technology firm.”

If by “worst hit,” they mean among the top four countries targeted by this malware? Sure. But only 9% of the infections affected Irish-based computers, versus 28% of infections aimed at Russian machines, and 24% affecting Saudi machines. The Independent.ie’s piece reads like clickbait hyperbole, or fearmongering, take your pick.

What wasn’t addressed by the Independent.ie and numerous other outlets, including those covering the tech sector, are some fundamental questions:

  • What assets or activities might the targeted countries have in common that would make them targets of a single intelligence operation organized by one or more nation-states?
  • Why are so many private individuals and small businesses targeted by this malware, in contrast to other malware-based intelligence-collection operations seen to date?

The Guardian came closest to examining these issues, having interviewed researchers at computer security firm F-Secure to ask about the origins of the malware. As of 24-NOV-2014, the firm’s Mikko Hypponen speculated that the US, UK, and/or Israel were behind Regin’s development and deployment.

As of the video embedded above, Hypponen firmly says the UK’s intelligence entity GCHQ is behind Regin, in particular the malware’s invasion of a Belgian telecom network (see video at 07:20).

Enjoy A Valentine’s Day Sampler

Made just for you via cryptogram.com


It’s difficult lately for me to sit down and spend time on a blogpost. I manage a handful of minutes here and there to do reading or research. An email may take hours to draft.

But there’s too much juicy stuff floating around deserving more attention. I’m going to gather content as I see it and aggregate it into a post when I have time, rather than let them slip by. Perhaps you can make more of them than I can.

•  MIT Technology Review acknowledges the dawn of a new age in Welcome to the Malware-Industrial Complex. I’m rather surprised at the tone of this piece; it’s not au courant, rather a bit behind the times since the MIC launched more than a handful of years ago. Two important points emerge: 1) Zero-day exploits are being traded like weaponry–think very hard about the source of these exploits and ask yourself why they are tolerated in government computing environments, let alone any other production environment; 2) This new age is the military face of the paradigm shift from the industrial to the information age. Weapons are information; they are no longer separate from the weapons themselves. With this in mind, the last two grafs of this article display the already-anachronistic thinking of the author and his sources.

•  Syracuse University MA/PhD student Seth Long performs a rather fascinating analysis on alleged cop killer Christopher Dorner’s manifesto. But equally fascinating is his earlier analysis on Ted Kaczynski’s Unabomber manifesto. Compare the two assessments, and then ask yourself what any blogger’s online writings might say about them if Long’s analytical process is eventually automated with algorithms. Scary, hmm?

•  Really great long read at Bloomberg Businessweek on the unmasking of a Chinese hacker by a Dell Computers malware expert. This is a snapshot of asymmetric warfare in progress; it’s not as if China has not told us rather candidly (and more than a decade ago) they would engage us in this manner as well as in other non-internet battlefields. Any surprise on the part of U.S. government officials at this point is utterly ridiculous–it’s either feigned or it’s should-get-another-day-job stupidity.

•  I’m so annoyed by this long read in Aeon Magazine–a really great mag, by the way–that I may yet muster the time to write something longer. Author Damien Walter is rather specious in his identification of a new “creator culture” and its necessity to society’s continued success. The problem isn’t that we need to adopt and nurture a new creator culture; it’s that we killed the one we had quite willingly over the last 25-35 years by offshoring production and the subsequent commodification of goods. We allowed corporations and their one-percenter shareholders to tell us that getting our hands dirty through craftsmanship and in manufacturing was bad (mostly bad for their profit margins). We’ve become a culture that doesn’t fix anything; we buy replacements made overseas in third world countries. We’ve lost our can-do spirit along with this shift, and only recently have both the economic crisis and a new hipster-hobbyist ethos encouraged a resurgence of the do-it-yourself handyperson. Unless we’re conscious of our role in killing creativity, nurturing it again through supporting Etsy and Maker Faires is merely temporary relief from the crush of profit-driven consumerism.

•  But perhaps all of this will be moot tomorrow if the cosmos decides to make a bank shot with asteroid 2012 DA14. This “small” asteroid will fly within 17,200 miles of earth tomorrow afternoon. This is awfully bloody close–close enough that scientists say disruption of cellphone and other satellite service is not impossible, but unlikely. That’s a whisker’s breadth, in cosmic scale. Best to check in tomorrow afternoon after 3:00 pm CST to see if we’re still here. See you then.
