Now, researchers at security firm Symantec have exposed another advanced cyber-weapon called Regin, which British and American intelligence agencies very likely used to hack into computer systems at the European Union, along with other high-level targets around the world.
The global Regin "hit list" belies the intelligence agencies' claims that their spying is limited to missions of national security. Nearly half of those targeted were private individuals and small businesses, according to Symantec. The other half included telecom providers, energy companies, airlines, research institutes and the hospitality industry.
The discovery of the program, which takes over entire networks, came just days before the United Nations adopted a major resolution condemning unlawful and arbitrary government surveillance. The document calls on states to align their surveillance practices with international human rights law, make the frameworks under which they operate publicly accessible and provide victims with opportunities for redress.
And who lobbied hard and unsuccessfully to weaken the resolution's language? The United States and its "Five Eyes" spying alliance, which includes the U.K., Canada, Australia and New Zealand. Demonstrating just how resistant those nations are to limits on cyber-spying, the Five Eyes argued against provisions in the U.N. statement that called for an end to indiscriminate electronic surveillance.