Do we need to worry about state-sponsored threats like Regin?

Last week the media headlines were full of the newly discovered nation-state malware Regin. ESET Ireland looks at how much of a threat this is to the average user and what should be prioritised.

Since the discovery of Stuxnet several years ago, there has been a parade of targeted malware (such as Flame, Duqu, Gauss and now Regin) that may have been created or sponsored by nation states. These complex threats have a dizzying array of functionality designed, at least in part, to spy on their intended victims. Naturally, such exceptional threats garner much media coverage. But as an average person or business, is this something you need to worry about?

Generally speaking, unless you have state secrets or provide financial or Internet services to someone who does, it is not likely that you will run across such notable threats as Regin (detected by ESET as Win32/Regin) and company.

This does not mean that there are no potential threats to the average person: by most counts, more than 200,000 new pieces of malware are discovered every day. Most of them are significantly less complex, yet far more prevalent. For those of us who are not targeted by government agencies, protection is a relatively simple thing, and there are things all of us can do to make ourselves safer against regular malware threats:

  • Update
    It’s always important to update your software, including operating systems, applications and browser plugins. Speaking of which: Adobe recently released an out-of-band patch for its Flash Player product. For the average person, this vulnerability poses more risk than the Regin malware, so be sure to get this update as soon as possible.
  • Backup
    Bad things happen, not just security problems. Having a good backup can make recovering from these problems much quicker. Cyber criminals have been very interested in creating ransomware lately; if you have a recent backup, this entire class of malware becomes a minor annoyance rather than a serious threat.
  • Layered defences
    It is a good idea to use multiple layers of detection. An anti-malware suite with a firewall is a good thing to have. You can also protect data by encrypting it in storage and when you send it across the network, such as via email, IM or via the Web. It is also wise to have a healthy sense of paranoia about online interactions, as cyber criminals often try to tempt people into letting malware past defences. “Trust but verify” messages, files, and websites that seem unusual or suspicious.
  • Two-Factor Authentication
    Use strong passwords. Many sites and services now offer Two-Factor Authentication (2FA), which offers you another layer of protection even in case your password is stolen or cracked.

If a sufficiently funded and determined adversary such as a nation state is targeting a company or individual, the best hope may be quick detection after the fact. But most of us, around the world, are not likely to be caught in the crosshairs of these digital weapons. There are many things most of us can do to improve our security to a reasonable degree, so that we can severely limit the amount of malware that is truly a threat to us.

by Lysa Myers, ESET
