NSA Surveillance Software Infecting Thousands of Computers Worldwide

Uploaded on 2015-02-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

 

A sophisticated spying campaign infected tens of thousands of computers worldwide with surveillance software, some embedded in hard drives, according to a report from a cybersecurity company that points toward the US National Security Agency.

KasperskyThe malware was found in 30 countries, including Iran, Russia, China, Afghanistan and Pakistan, and targeted governments and diplomatic institutions, military, Islamic activists and key industries such as telecommunications, aerospace, energy, financial institutions and oil and gas, Kaspersky Lab Inc., a Moscow-based cybersecurity company, said in a report released recently.

The group's ability to infect hard-drive firmware "exceeds anything we have ever seen before," the company said. Kaspersky named the perpetrators the Equation Group.

Kaspersky didn't explicitly identify the group as being affiliated with the NSA. 'However', said Costin Raiu, director of Kaspersky's global research and analysis team, "to achieve this level of sophistication you need a lot of resources and money. We are not seeing any kind of obvious financial theft associated with this operation so they have to be nation-state sponsored."

It used malware that was later found to be part of the Stuxnet computer worm, used in 2010 to cripple Iran's nuclear program is widely believed to have been deployed by Israel and the NSA.
US intelligence agencies use techniques identified in the report, such as implanting malware on hard-drive firmware, to go after a limited number of high-value targets judged to be a threat to national security, according to two US officials who weren't authorized to speak on the record.

« BMW Fixes Flaw risking 2.2 Million Cars to Break-In
Cybercrime and the value of personal data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Hack Miami

Hack Miami

HackMiami is the premier resource in South Florida for highly skilled hackers that specialize in vulnerability analysis, penetration testing, digital forensics, and all manner of IT security.

Radisys

Radisys

Radisys offers software, products, integrated systems, and professional services for communication service providers and telecom solution vendors.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

EY Advisory

EY Advisory

EY is a multinational professional services firm headquartered in the UK. EY Advisory service areas include Cybersecurity.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Lavabit

Lavabit

Lavabit's Dark Internet Mail Environment is a secure, open-source, secure end-to-end communications platform for asynchronous messaging across the internet.

Eleos Labs

Eleos Labs

Eleos Labs' suite of security tools prevent Web3 cyber attacks, reduce economic risks, and protect digital assets.

Mitigo Group

Mitigo Group

Mitigo offers a well considered and effective approach to keeping businesses completely secure from any digital attacks.

Eden Data

Eden Data

Eden Data is on a mission to break the outdated mold of traditional cybersecurity consulting. We handle all of your security, compliance & data privacy needs.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.