NSA Implanting Spyware into our Computers.
What seems to be a U.S.-run computer espionage program has reportedly figured out how to employ a "breakthrough" snooping tactic — the implanting of spyware into hard drives — that could compromise most of the world's computers.
As a matter of policy, Kaspersky Lab, which publicized the discovery in a report on Monday, withheld the name of the country it suspects of being behind the operation.
But the Moscow-based anti-virus company said the country behind the implanted spyware was closely linked to Stuxnet, the computer worm deployed by the U.S. National Security Agency to disable Iran's nuclear-enrichment capabilities.
Former NSA operatives confirmed to Reuters that the analysis by Kaspersky, a highly reputable anti-virus firm, was correct. They said the NSA’s ability to secretly embed spyware into hard drives has long been prized by the surveillance agency.
While the scope of the operation isn't fully understood yet, Kaspersky's chief malware analyst and other cybersecurity experts helped explain what's contained in the report, how the spyware works and why the revelations may have caught so many by surprise.
How is this spyware unique?
Cybersecurity researchers have detected malware — foreign software that's intended to disable or take over a computer — on computer operating systems in the past.
But this presents a new level of sophistication that Kaspersky's principal security researcher Vitaly Kamluk calls "revolutionary."
"Until now, we've never seen malware get to the micro-code, the microsystem running the hard drive itself," Kamluk said from Singapore.
To implant spyware on hard drives would require the device's source code — the raw written backbone of software that users would never see — and perhaps product blueprints that "only manufacturers would have access to," Kamluk said, suggesting such proprietary information could only be obtained through limited means.
"You might have to steal it," he said.
Any errors in the implanted malware, he added, would "completely destroy" a hard drive, rendering a computer useless and unable to boot up.
The Kaspersky Lab report code-named the perpetrator of the spyware "the Equation group," and said researchers have observed compromised hard drives in more than 30 countries, including Iran, Russia, Syria, Afghanistan, the U.S. and the U.K.
Kaspersky Lab estimates that the program causes about 2,000 infections per month, with targets belonging to the telecom, aerospace, energy, military and nuclear research sectors, as well as governments and financial institutions, among others.
Kaspersky Lab counted about 500 known victims worldwide, but Kamluk estimates this may represent less than 10 per cent of computers with compromised "firmware."