NSA Surveillance Software Infecting Thousands of Computers Worldwide
A sophisticated spying campaign infected tens of thousands of computers worldwide with surveillance software, some embedded in hard drives, according to a report from a cybersecurity company that points toward the US National Security Agency.
The malware was found in 30 countries, including Iran, Russia, China, Afghanistan and Pakistan, and targeted governments and diplomatic institutions, military, Islamic activists and key industries such as telecommunications, aerospace, energy, financial institutions and oil and gas, Kaspersky Lab Inc., a Moscow-based cybersecurity company, said in a report released recently.
The group's ability to infect hard-drive firmware "exceeds anything we have ever seen before," the company said. Kaspersky named the perpetrators the Equation Group.
Kaspersky didn't explicitly identify the group as being affiliated with the NSA. 'However', said Costin Raiu, director of Kaspersky's global research and analysis team, "to achieve this level of sophistication you need a lot of resources and money. We are not seeing any kind of obvious financial theft associated with this operation so they have to be nation-state sponsored."
It used malware that was later found to be part of the Stuxnet computer worm, used in 2010 to cripple Iran's nuclear program is widely believed to have been deployed by Israel and the NSA.
US intelligence agencies use techniques identified in the report, such as implanting malware on hard-drive firmware, to go after a limited number of high-value targets judged to be a threat to national security, according to two US officials who weren't authorized to speak on the record.
