Did the NSA embed spyware in your computer?
The United States has figured out how to bug hard drives built by the world鈥檚 top computer manufacturers, giving it the ability to spy on and sabotage computers and networks in countries targeted by American intelligence agencies, .
Five hundred infections in more 30 countries have been documented by Moscow-based Kaspersky Lab, with the highest levels of infection reported in Iran, Russia, Pakistan, and Afghanistan. Manufacturers Western Digital Technologies, Samsung Electronics, and Seagate Technology are among the top brand names affected worldwide.
Kaspersky announced its findings Monday at a in Cancun, Mexico. The firm did not quite point the finger at the National Security Agency, instead naming the threat actor the 鈥淓quation鈥 group, for its members鈥 affinity for 鈥渆ncryption algorithms and obfuscation strategies.鈥
But the report did claim that the spying campaign, which goes back as far as 2001, is linked to the origins of other, older NSA-led cyber weapons such as Stuxnet and the Flame malware platform.
The difference is that this new technology allows the Equation group to embed malicious software into a computer鈥檚 firmware 鈥 the built-in code that governs a device's basic functions 鈥 according to Kaspersky鈥檚 report.
This makes the spyware 鈥 which creates that survives "military-grade disk wiping and formatting" 鈥 almost impossible to detect or remove. It also allows the software 鈥渢o infect the computer over and over," Kaspersky threat researcher Costin Raiu .
Implanting the spyware requires access to manufacturers' proprietary source code that controls a computer鈥檚 hard drive, which is impossible to do with publicly available data, Mr. Raiu said.
While it鈥檚 not yet clear how the NSA could have laid hands on that information, some former operatives told Reuters that the agency sometimes poses as a software developer that needs to make sure software is secure in order to gain access to source code.
The NSA has declined to comment on allegations in the Kaspersky report, according to Reuters.
Kaspersky鈥檚 revelations come just days after another document from NSA whistleblower Edward Snowden鈥檚 cache was made public. The document, , reveals that security researchers fear that Iran and other US adversaries are improving their cyber weapons by learning from cyber attacks launched against them.
鈥淚ran鈥 has demonstrated a clear ability to learn from the capabilities and actions of others,鈥 .
These latest revelations could also have an impact similar to the backlash that resulted after Mr. Snowden leaked NSA documents in 2013, Reuters reported. shortly after Snowden leaked a trove of confidential NSA information to the media.
Peter Swire, a member of President Barack Obama's Review Group on Intelligence and Communications Technology, told the wire service that before using its knowledge of software flaws for gathering intelligence, the US needs to consider how such actions would affect trade and foreign relations.
"There can be serious negative effects on other US interests," Mr. Swire said.
