NSA Installed Malware on Hard Disks to Spy the World - Kaspersky Lab Exposes
Question asked by Dhananjay Harkare in #Coffee Room on Feb 17, 2015
Dhananjay Harkare · Feb 17, 2015
Rank C1 - EXPERT
World-famous Russian cyber security researchers at Kaspersky Lab have exposed the National Security Agency aka NSA, for cyberespionage. According to the findings published by researchers, US agency has developed a software toolkit which they reportedly installed on portable Hard Disk Drives and used it to eavesdrop on other nations. According to Kaspersky Lab, the campaign was carried out for about 14 years or possibly even for two decades and infected tens of thousands of computers of telecommunication providers, military, government, research institutions, media organisations etc. Researchers also claimed that they’ve found infected computers from about 30 countries including Russia, Iran, Pakistan, India, China, Syria, Algeria and others.
Though Kaspersky Lab denied to publicly name the country or organisation behind the spy-programme, it said the programme is closely linked to Stuxnet, belonging to NSA, which was earlier used to attack Iran’s Uranium facility. Reuters’ sources form NSA have confirmed that the findings are correct to their knowledge and also gave nod that NSA developed the technique to hide the spyware in Hard Disk Drives. NSA spokesman Vanee Vines said though he is aware of findings by Kaspersky, he won’t publicly comment on same. According to lead Kaspersky researcher Costin Raiu, spies hid the malicious code in firmware, something that launches every time the computer is powered on. For this, spies must’ve had access to source code, something for which NSA has its own ways, says a former intelligence operative. Victims of the spying-programme may be users of several HDD manufacturers including Western Digital, IBM, Samsung, Seagate, Toshiba, Micron etc. Surprisingly, many of these makers either didn’t have any knowledge of spying campaigns or they declined to comment.
In analogy with the encryption formulae used, Kaspersky Lab have named spies as "The Equation Group", which it believes is probably the most sophisticated cyber-attacks group in the world. The Equation Group also developed a computer virus named “Fanny” which might be used to scout out targets for Stuxnet in Iran. After all this, it would now be interesting to see NSA’s reply and if former-NSA employee Edward Snowden could comment on the same.
Source: Reuters | Read Kaspersky Lab findings here Posted in: #Coffee Room
Though Kaspersky Lab denied to publicly name the country or organisation behind the spy-programme, it said the programme is closely linked to Stuxnet, belonging to NSA, which was earlier used to attack Iran’s Uranium facility. Reuters’ sources form NSA have confirmed that the findings are correct to their knowledge and also gave nod that NSA developed the technique to hide the spyware in Hard Disk Drives. NSA spokesman Vanee Vines said though he is aware of findings by Kaspersky, he won’t publicly comment on same. According to lead Kaspersky researcher Costin Raiu, spies hid the malicious code in firmware, something that launches every time the computer is powered on. For this, spies must’ve had access to source code, something for which NSA has its own ways, says a former intelligence operative. Victims of the spying-programme may be users of several HDD manufacturers including Western Digital, IBM, Samsung, Seagate, Toshiba, Micron etc. Surprisingly, many of these makers either didn’t have any knowledge of spying campaigns or they declined to comment.
In analogy with the encryption formulae used, Kaspersky Lab have named spies as "The Equation Group", which it believes is probably the most sophisticated cyber-attacks group in the world. The Equation Group also developed a computer virus named “Fanny” which might be used to scout out targets for Stuxnet in Iran. After all this, it would now be interesting to see NSA’s reply and if former-NSA employee Edward Snowden could comment on the same.
Source: Reuters | Read Kaspersky Lab findings here Posted in: #Coffee Room
Keerthivasan Ravisankar · Feb 17, 2015
Rank C1 - EXPERT
Does it affects computers who have Kaspersky Internet Security (KIS) in their systems?
Jatin Kumar · Feb 17, 2015
Rank C1 - EXPERT
i think it did ,because if they know it they surely exposed it beforeKeerthivasan RDoes it affects computers who have Kaspersky Internet Security (KIS) in their systems?
Jatin Kumar · Feb 17, 2015
Rank C1 - EXPERT
why any indian's agenceis are not doing these cool stuff 😁😏
Rajni Jain · Feb 17, 2015
Rank B1 - LEADER
If Kaspersky is reveling about the malware, why don't they program their AV to remove the malware?
Jatin Kumar · Feb 18, 2015
Rank C1 - EXPERT
May be the virus is hardcoded or if not they surely have done it till nowRajni JainIf Kaspersky is reveling about the malware, why don't they program their AV to remove the malware?
micheal john · Feb 18, 2015
Rank B3 - LEADER
HDD manufacturers including Western Digital, IBM, Samsung, Seagate, Toshiba, Micron etc. Surprisingly, many of these makers either didn’t have any knowledge of spying campaigns or they declined to comment.HDD manufactures willing help NSA?
Dhananjay Harkare · Feb 18, 2015
Rank C1 - EXPERT
Not really, I guess. They are probably more ignorant of such campaigns!micheal johnHDD manufactures willing help NSA?
lal · Feb 18, 2015
Rank A3 - PRO
@Rajni Jain, It can't be removed that easily when the firmware of HDD itself is acting as the spyware. Kaspersky can't alter the HDD frimware no matter what it finds there, except "may be" defer it's operation.
