Do I need to worry about state‑sponsored threats like Regin?
Since the discovery of Stuxnet several years ago, there has been a parade of targeted malware that may have been created or sponsored by nation states. Does an average person or business really need to worry about these things?
Since the discovery of Stuxnet several years ago, there has been a parade of targeted malware (such as Flame, Duqu, Gauss and now Regin) that may have been created or sponsored by nation states. These complex threats have a dizzying array of functionality designed, at least in part, to spy on its intended victims. Naturally, such exceptional threats garner much media coverage. But as an average person or business, is this something you need to worry about?
Generally speaking, unless you have state secrets or provide financial or Internet services to someone who does, it is not likely that you will run across such notable threats as Regin (detected by ESET as Win32/Regin) and company.
This does not mean that there are no potential threats to the average person, as by most counts, more than 200,000 new malware is discovered every day. And most of them are significantly less complex, yet far more prevalent. For those of us who are not targeted by government agencies, protection is a relatively simple thing, and there are things all of us can do to make ourselves safer against regular malware threats:
It’s always important to update your software, including operating systems, applications and browser plugins. Speaking of which: Adobe recently released an out-of-band patch for its Flash Player product. For the average person, this vulnerability poses more risk than the Regin malware, so be sure to get this update as soon as possible.
Bad things happen, not just security problems. Having a good backup can make recovering from these problems much quicker. Cyber criminals have been very interested in creating ransomware lately; if you have a recent backup, this entire class of malware becomes a minor annoyance rather than a serious threat.
ESET’s products have detection for variants of the Regin family of malware, among many others. It is not yet known how this malware family (or malware in general) will evolve in the future, so it is a good idea to use multiple layers of detection. An anti-malware suite with a firewall is a good thing to have. You can also protect data by encrypting it in storage and when you send it across the network, such as via email, IM or via the Web. It is also wise to have a healthy sense of paranoia about online interactions, as cyber criminals often try to tempt people into letting malware past defenses. “Trust but verify” messages, files, and websites that seem unusual or suspicious.
I assume, as a regular reader of this website, that you know all about using strong passwords. Many sites and services now offer Two-Factor Authentication (2FA), which offers you another layer of protection even in case your password is stolen or cracked.
In this era of the proliferation of complex, targeted malware, it can seem like the battle is lost and we cannot hope to beat the onslaught. If a sufficiently funded and determined adversary such as a nation state is targeting a company or individual, the best hope may be quick detection after the fact. But for most people, around the world, we are not likely to be caught in the crosshairs of these digital weapons. There are many things most of us can do to improve our security to a reasonable degree, so that we can severely limit the number of malware that are truly a threat to us.