Mic Wright, Reporter, TNW
Mic Wright is a journalist specialising in technology, music and popular culture. He lives in Dublin. He is on Twitter at @brokenbottleboy.
The security researchers at Kaspersky Lab have revealed that an agency – most likely the NSA – has developed spyware that can be hidden on hard drives.
The software has been found to work with hardware made by Western Digital, Seagate, Toshiba, IBM, Micron Technology and Samsung, and could provide a means to conduct surveillance “on the majority of the world’s computers.”
Kaspersky reports that it has found a series of different backdoors, according to Reuters. It has detected variants of the software on machines in over 30 countries, including Iran, Russia, Pakistan, Afghanistan and China. Targets included government and military institutions, telecom companies, banks, energy firms, nuclear researchers, journalists and Islamic activists.
Though Kaspersky doesn’t actually name the NSA, it does note that the software is linked to Stuxnet – the worm which targeted Iranian nuclear installations and is thought to have been developed by the agency. A former NSA employee confirmed to Reuters that it “had developed the prized technique of concealing spyware in hard drives.”
Kaspersky has called the authors of the backdoors in hard drives “the Equation Group”, playing on their obsession with encryption algorithms. Unsurprisingly, the NSA has declined to comment.
The Equation Group’s backdoors rely on malicious software in the firmware of hard drives, which launches every time a computer boots. Kaspersky claims the software represents a “technological breakthrough” which allows it to “infect the computer over and over again” and would have required access to proprietary source code to develop.
Kaspersky has published its research, hoping that infected institutions will be able to discover the software on their networks. The project is said to have been running as far back as 2001, so that could mean a lot of affected hard drives.
That said, the researchers believe those operating the backdoors have been highly selective and “only established full remote control over machines belonging to the most desirable foreign targets.”
If you’re not a senior official in a foreign government, a top scientist, a well-known journalist or a radical activist, you’re probably fine this time…probably.
➤Russian researchers expose breakthrough U.S. spying program