Many Hollywood action spy movies portray government agencies with amazing computers that can access unlimited computer systems, security cameras, computer networks, and more beyond our imaginations.
You usually have to suspend belief with movies like Mission Impossible and Eagle Eye because government agencies can't activate a cell phone's camera or activate the cell phones of everyone standing around you, right?
Well, maybe they can, or someone can, and they might have been doing it since 2008.
Pay attention for a few minutes because I'm going to tell you something that could affect your website and your business in a very unexpected way.
Back in late November 2014, while you were putting the finishing touches on your holiday advertising, Symantec dropped a bombshell security breach announcement that was overlooked by main stream media and only written about by organizations and bloggers specializing in security.
They call it "Regin" and the headline of Symantec's report says it is "an extremely complex piece of software that can be customized with a wide range of different capabilities that can be deployed depending on the target."
In other words, this is real espionage stuff that seems to turn all that movie spy fiction into reality, and evidence of it dates back to 2008 and suspected origins as early as 2003.
Regin is a groundbreaking malware that lurks inside the Windows computers it infects without giving any hint of infection. It can stay quietly installed until its cybermasters call upon it to take action. Additionally, it's been discovered that Regin can be uninstalled by its cybermasters once the espionage task is complete.
Although this is a backdoor Trojan targeting Windows computers, it has been discovered on many of the Windows computers that control the GSM cellular network. Once a cellular network is compromised Regin can then infiltrate any device using GSM technology, i.e. every device that connects to the internet through cell technology, regardless of operating system or hardware.
In their announcement, Symantec warns that the Regin is extremely complex and that it would take a significant team of engineers to create and maintain it, which means this was probably created by some government or government organization. Symantec feels that there is even more to this espionage malware than they are able to discover right now.
Exactly which government is responsible is unknown, but they suspect the origins come from one of the infected countries where it has been discovered so far. The infected countries include Russia, Saudi Arabia, Mexico, Ireland, India, Afghanistan, Iran, Belgium, Austria, and Pakistan. Even though the USA isn't on the list, each of those countries does conduct some type of trade with the United States.
Most people might not consider their own computer important enough to be spied upon, but the analysis shows that most of the intrusions are taking place within small businesses and private computers.
Here's the pie chart sector breakdown from Symantec's report showing infections by sector:
Here's the pie chart breakdown showing Regin infections by country:
Regin can capture a lot of information from a compromised computer. Some of those things include passwords, any file on the hard drive, screen captures, log files, monitor network traffic, and even recover files you've deleted from your hard drive.
As a small business in the United States you might feel pretty safe since this seemingly does not concern you, but there' something here that really frightens me, and the reason I brought up this topic today.
So many technology jobs and services are outsourced to India that it's possible that the Regin cybermasters already have password access to millions of websites whose services were outsourced to India. When it comes to hiring a website agency, even though you hire a US company, they might still outsource to India to keep their costs down.
Here comes the bottom line of today's Daily Golden Nugget:
This newly revealed Regin threat is real. Someone, probably a foreign government, has the power to infiltrate Windows based computers on an unprecedented level. The targeting of small businesses and individuals hints that the cybermasters have an unknown and much larger agenda than the typical destructive virus or malware.
In the light of this Symantec announcement I urge you to rethink the services you've outsourced to India.
There's a real threat here if your outsourcer needs password access to your website or computer systems. If your outsourcer is compromised by Regin then your passwords could be stolen, or worse, your outsourcer could be the conduit through which Regin infiltrates your computer.
No matter how small you think you are, any website with e-commerce or user accounts could be a target for Regin.
