This article was published on February 17, 2015

Kaspersky Lab reveals spyware on the world’s most popular hard drives, suspects the NSA



The security researchers at Kaspersky Lab have revealed that an agency – most likely the NSA – has developed spyware that can be hidden on hard drives.

The software has been found to work with hardware made by Western Digital, Seagate, Toshiba, IBM, Micron Technology and Samsung, and could provide a means to conduct surveillance “on the majority of the world’s computers.”

Kaspersky reports that it has found a series of different backdoors, according to Reuters. It has detected variants of the software on machines in over 30 countries, including Iran, Russia, Pakistan, Afghanistan and China. Targets included government and military institutions, telecom companies, banks, energy firms, nuclear researchers, journalists and Islamic activists.

Though Kaspersky doesn’t actually name the NSA, it does note that the software is linked to Stuxnet – the worm which targeted Iranian nuclear installations and is thought to have been developed by the agency. A former NSA employee confirmed to Reuters that it “had developed the prized technique of concealing spyware in hard drives.”

Kaspersky has called the authors of the hard drive backdoors “the Equation Group,” playing on their obsession with encryption algorithms. Unsurprisingly, the NSA has declined to comment.

The Equation Group’s backdoors rely on malicious software in the firmware of hard drives, which launches every time a computer boots. Kaspersky claims the software represents a “technological breakthrough” which allows it to “infect the computer over and over again” and would have required access to proprietary source code to develop.

Kaspersky has published its research, hoping that infected institutions will be able to discover the software on their networks. The project is said to have been running as far back as 2001, so that could mean a lot of affected hard drives.

That said, the researchers believe those operating the backdoors have been highly selective and “only established full remote control over machines belonging to the most desirable foreign targets.”

If you’re not a senior official in a foreign government, a top scientist, a well-known journalist or a radical activist, you’re probably fine this time… probably.

Russian researchers expose breakthrough U.S. spying program

Image credit: Shutterstock/Mike Mois
