Want to see a classic example of irony? Head to the US Computer Emergency Readiness Team (CERT) website. The government security group has issued a public warning about Regin... you know, the extra-sophisticated malware that many suspect the US wrote to spy on telecom networks. It's more than a little amusing to see one agency warn about a problem the other may have created, although it raises a few questions when there haven't been similarly direct warnings for (allegedly) state-created attacks like Stuxnet and Duqu. Is it evidence that the US wasn't involved, or that Regin is out of control? An attempt to throw people off the scent? Or something else?
It's difficult to know the answer without confirmation of Regin's claimed state-sponsored origins. Even if it was made for US surveillance, though, the left hand may not know what the right hand is doing. Agencies like the NSA aren't compelled to reveal every secret activity to other branches, even the Department of Homeland Security (which oversees CERT). Barring any revelations, it's more likely that CERT is just acknowledging the concerns raised by groups like Symantec and Kaspersky -- even if it has led to some unintentional comedy.
[Image credit: Patrick Lux/Getty Images]