CaribbeanFever / FeverEyes / CaribFever

Caribbean Fever - Your ONLY destination to all things Caribbean and more

Russian researchers expose 'NSA's secret weapon': Outrage at program that enables America to spy on EVERY home computer in the world is uncovered

nsa

++++++

  • The NSA has figured out how to hide spying and sabotage software deep within hard drives, according to cyber researchers and former operatives 
  • The group said it found personal computers in 30 countries infected with one or more of the spying programs
  • The most infections were seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria 
  • The infections started in 2001, but increased drastically in 2008, the year President Barack Obama was elected
  • The tools are designed to run on computers even when they are not connected to the Internet, and even the makers of some of the hard drives are unaware that these programs have been embedded 
  • The spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on 

The National Security Agency has figured out how to hide spying software deep within hard drives, allowing them to monitor and eavesdrop on the majority of the world's computers - even when they are not connected to the internet.

The Moscow-based security software maker Kaspersky Lab said it has found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists.

Scroll down for video  

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs

The NSA has figured out how to hide spying software deep within hard drives , giving the agency the means to eavesdrop on the majority of the world's computers, according to Kaspersky (file photo)

The NSA has figured out how to hide spying software deep within hard drives , giving the agency the means to eavesdrop on the majority of the world's computers, according to Kaspersky (file photo)

The NSA began infecting computers in 2001 claims Kaspersky, ramping up their efforts in 2008 when President Barack Obama was elected.

This 'surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades,' said Kaspersky. 

What's more, even the makers of these hard drives are unaware that these spying programs have been installed, with the NSA obtaining their source codes by going so far as to pose as software developers according to former intelligence operatives, or telling the companies the government must do a security audit to make sure their source code is safe.

According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on.

Disk drive firmware is viewed by spies and cybersecurity experts as the second-most valuable real estate on a PC for a hacker, second only to the BIOS code invoked automatically as a computer boots up.

'The hardware will be able to infect the computer over and over,' lead Kaspersky researcher Costin Raiu said in an interview.

Though the leaders of the still-active espionage campaign could have taken control of thousands of PCs, giving them the ability to steal files or eavesdrop on anything they wanted, the spies were selective and only established full remote control over machines belonging to the most desirable foreign targets, according to Raiu. He said Kaspersky found only a few especially high-value computers with the hard-drive infections.

The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran's uranium enrichment facility. The NSA is the U.S. agency responsible for gathering electronic intelligence.

A former NSA employee told Reuters that Kaspersky's analysis was correct, and that people still in the spy agency valued these espionage programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it.

NSA spokeswoman Vanee Vines said the agency was aware of the Kaspersky report but would not comment on it publicly.

Kaspersky published the technical details of its research on Monday, a move that could help infected institutions detect the spying programs, some of which trace back as far as 2001.

Eugene Kaspersky (file photo) published the details of his research on Friday

Eugene Kaspersky (file photo) published the details of his research on Friday

The disclosure could hurt the NSA's surveillance abilities, already damaged by massive leaks by former contractor Edward Snowden. Snowden's revelations have upset some U.S. allies and slowed the sales of U.S. technology products abroad.

The exposure of these new spying tools could lead to greater backlash against Western technology, particularly in countries such as China, which is already drafting regulations that would require most bank technology suppliers to proffer copies of their software code for inspection.

Peter Swire, one of five members of U.S. President Barack Obama's Review Group on Intelligence and Communications Technology, said the Kaspersky report showed that it is essential for the country to consider the possible impact on trade and diplomatic relations before deciding to use its knowledge of software flaws for intelligence gathering.

'There can be serious negative effects on other U.S. interests,' Swire said.

Technological breakthrough 

Kaspersky's reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.

Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM did not respond to requests for comment.

Getting the source code

Raiu said the authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives. That code can serve as a roadmap to vulnerabilities, allowing those who study it to launch attacks much more easily.

'There is zero chance that someone could rewrite the [hard drive] operating system using public information,' Raiu said.

Concerns about access to source code flared after a series of high-profile cyberattacks on Google Inc and other U.S. companies in 2009 that were blamed on China. Investigators have said they found evidence that the hackers gained access to source code from several big U.S. tech and defense companies.

It is not clear how the NSA may have obtained the hard drives' source code. Western Digital spokesman Steve Shattuck said the company 'has not provided its source code to government agencies.' The other hard drive makers would not say if they had shared their source code with the NSA.

Seagate spokesman Clive Over said it has 'secure measures to prevent tampering or reverse engineering of its firmware and other technologies.' Micron spokesman Daniel Francisco said the company took the security of its products seriously and 'we are not aware of any instances of foreign code.'

Kaspersky uncovers online spy tools with apparent links to NSA
According to former intelligence operatives, the NSA has multiple ways of obtaining source code from tech companies,including asking directly and posing as a software developer 

According to former intelligence operatives, the NSA has multiple ways of obtaining source code from tech companies,including asking directly and posing as a software developer 

According to former intelligence operatives, the NSA has multiple ways of obtaining source code from tech companies, including asking directly and posing as a software developer. If a company wants to sell products to the Pentagon or another sensitive U.S. agency, the government can request a security audit to make sure the source code is safe.

'They don't admit it, but they do say, "We're going to do an evaluation, we need the source code,"' said Vincent Liu, a partner at security consulting firm Bishop Fox and former NSA analyst. 'It's usually the NSA doing the evaluation, and it's a pretty small leap to say they're going to keep that source code.'

The NSA declined to comment on any allegations in the Kaspersky report. Vines said the agency complies with the law and White House directives to protect the United States and its allies 'from a wide array of serious threats.'

Kaspersky called the authors of the spying program 'the Equation group,' named after their embrace of complex encryption formulas.

The group used a variety of means to spread other spying programs, such as by compromising jihadist websites, infecting USB sticks and CDs, and developing a self-spreading computer worm called Fanny, Kaspersky said.

Fanny was like Stuxnet in that it exploited two of the same undisclosed software flaws, known as 'zero days,' which strongly suggested collaboration by the authors, Raiu said. He added that it was 'quite possible' that the Equation group used Fanny to scout out targets for Stuxnet in Iran and spread the virus. 

Views: 965

Comment

You need to be a member of CaribbeanFever / FeverEyes / CaribFever to add comments!

Join CaribbeanFever / FeverEyes / CaribFever

Comment by Pearl Green on February 20, 2015 at 9:08pm

@DKNY

The bad people are the U.S.!...     This tech is solid connections but not necessary, there is tech much older that could/would never be traced, there is no physical connection, this tech is used for high profile targets.   The tech that is being talked about is used for broad sweep observation. 

Comment by Damian on February 19, 2015 at 12:07pm
Well done Evo you know your stuff. Yes Samsung just recalled some of their smart tvs as apparantly it was capable of recording and sending out info.... Suprise suprise
Comment by evolution on February 19, 2015 at 10:30am

How you doing Marlon? My mother was telling me about Russia from the time before I knew myself. She was hoping that when I become an adult I won’t risk it going there; to see what it looks like since I have my father’s travelling blood inside me. Both Russia, North Korea and Germany saying the same thing about the NSA and I believe them. Do you know that behind every flat screen television, computer and smart phone screen there is a hidden camera and mic that can be turned on remotely without your knowledge by the NAS? No super power can be trusted because at the end of the day, it’s not the citizens their care about but the power of controlling them.

Comment by Marlon brown on February 19, 2015 at 2:28am
Evolution, I don't trust nothing called Russian. Check history and you will see, they have no honor, not even to there own.
Comment by evolution on February 18, 2015 at 11:19am

Marlon you nuts!

Comment by Marlon brown on February 17, 2015 at 10:41pm
Come on people , this revelation was made by the Russians, the king of propaganda. For the most path these people have a grudge for us as a nation , they are the most deceitful , most mendacious, lying people on the face of this planet. If they tell me that Obama is our president , I would have to double check and verify.
Comment by evolution on February 17, 2015 at 3:43pm

@Damian you not easy

Comment by Roots aka TJ What De Ras on February 17, 2015 at 2:38pm
Omg very shocking news. Not.
Comment by GospelPan on February 17, 2015 at 1:33pm

Wow..that's crazy, they found a way to update the firmware software that's imbedded in chips in your computer...that means there's no anti-virus program that can remove them. The only way to get rid of it would be to download the firmware software from the manufacturer and reinstall it...even then, there's no guarantee that's not infected as well.

b.t.w.

The USA can't be forced to do anything, it's the USA that's forcing countries around the world to change their laws to accept certain lifestyles or lose funding.

Comment by Damian on February 17, 2015 at 1:01pm
How about the USA Made up bad people and continues to fund them to justify violating out rights ... Dumbass

Celebrate your BIRTHDAY with CaribbeanFever on 107.5 WBLS, NY

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

FOR ALL YOUR DANCEHALL AND REGGAE NEWS CLICK PIC BELOWreggae dancehall queen 4

}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}

{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{

PUMP IT! or DUMP IT! SAT & SUN NIGHT on Caribbean Fever 107.5 WBLS NY (GET YOUR NEW MUSIC PLAYED) SONG{S} BEING VOTED ON ARE {------ ) and {----- }

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

CARIBBEAN NEWS

Caribbean Fever with the best Caribbean News online!

 

SOME TOP BLOGS

Groups

© 2022   Created by Caribbean Fever.   Powered by

Badges  |  Report an Issue  |  Terms of Service