Kaspersky: That 2 years we took to warn you about Regin ? We had GOOD REASON

  • 5 December 2014
  • 0 replies
  • 184 views

Userlevel 7
By John Leyden, 5 Dec 2014
 
Kaspersky Lab has responded to criticism that security vendors took years too long to spot Regin, a recently discovered strain of ultra-sophisticated (and probably state-sponsored) spyware.
Regin is a software framework rather than an individual malicious code sample. Security vendors have until recently only seen fragments of the whole, making analysis difficult. Kaspersky Lab explained the two-year delay in releasing info about the Regin cyberweapon by comparing its work to an investigation by police.
Security research - not unlike law enforcement investigations - requires meticulous scrutiny and analysis, and in many cases, it's important to watch the crime unfold in real-time to build a proper case. In our case, without unlimited resources and the fact that we're tracking multiple APT actors simultaneously (Careto/Mask, EpicTurla, Darkhotel, Miniduke/Cosmicduke, to name a few), this becomes a process that takes months, even years, to gain a full understanding of a cyber-operation.
full article

0 replies

Be the first to reply!

Reply