The bug is probably run by a Western intelligence agency and is more advanced in engineering terms than Stuxnet, which was designed by US and Israel government hackers in 2010 to target Iran’s nuclear program, Symantec says.
“Regin could be customised to target different organizations and had hacked Microsoft email exchange servers and mobile phone conversations on major international networks,” the company says.
The bug has been deployed against Internet service providers and telecoms companies mainly in Russia and Saudi Arabia as well as Mexico, Ireland and Iran, according to the report, although it is unclear how Regin infected the systems.“We are probably looking at some sort of western agency,” said Orla Cox, director of security response at Symantec, describing Regin as one of the most “extraordinary” pieces of hacking software developed, and probably “months or years in the making”.
“Sometimes there is virtually nothing left behind - no clues. Sometimes an infection can disappear completely almost as soon as you start looking at it, it’s gone. That shows you what you are dealing with,” she said.
Eugene Kaspersky, the head of Kaspersky Labs, the Russian company that helped uncover the Stuxnet worm, told the newspaper that criminals are currently hacking industrial control systems for financial gain.
Kaspersky warned that the computer networks that control energy plants and factories are becoming targets for organised crime gangs armed with skilled hackers. Networks that run industrial companies have encountered “more and more very targeted attacks,” he said.