UK, US behind Regin malware, attacked European Union networks

Two governments working together are said to have developed the state-sponsored malware that attacked the European Union. Guess what? One of the makers was an EU country.


Blame the British and American spy agencies for the latest state-sponsored malware attack, say reporters at The Intercept.


The publication, which in the wake of Glenn Greenwald's departure from The Guardian continued to publish documents leaked by Edward Snowden, said on Monday the recently discovered malware, known as Regin, was used against targets in the European Union.

One of those targets was Belgian telecommunications company Belgacom, which had its networks broken into by the British spy agency the Government Communications Headquarters (GCHQ).

Regin was first publicly talked about over the weekend after Symantec discovered the "sophisticated" malware, though it is understood to have been in circulation since 2008.

Compared to Stuxnet, the state-sponsored malware whose creators have never been confirmed, the recently-discovered trojan steals data from machines and networks it infects, disguised as Microsoft software. 

Some began to point the finger at Russia and China, but these were quickly discounted by industry experts. Others suspected the U.S. and Israel — a deal already exists that allows the Middle Eastern allied state to access raw and "unchecked" U.S. collected intelligence.

They weren't far off. According to Monday's report, the U.S., working in conjunction with Britain, a European member state (though perhaps not for much longer), attacked Belgacom using the Regin malware.

Though the Belgacom hack was disclosed by Snowden's leaks, the malware used had never been revealed.

The new details from The Intercept show how GCHQ embarked upon its "hacking mission," known as Operation Socialist, by accessing Belgacom's networks in 2010. By targeting engineers through a faked LinkedIn page, GCHQ was able to get deep inside the Internet provider to steal data.

Among Belgacom's main clients were the European Commission, the European Parliament, and the European Council of member state leaders.

Exactly how member states of the European Union — there are 28 of them including the U.K. — will react to one of their own launching a successful hacking attack against their executive body remains unknown.

But while members of the Parliament and Commission staff have, over the years, seen the U.S. as one of the greatest threats to the region's data protection and privacy policies, they should have been looking a little closer to home.
