NSA surveillance program embedded spyware in hard drives2015-02-17 10:59 by Daniela
Tags: NSA, firmware
Kaspersky Lab this week revealed a new surveillance campaign of the US National Security Agency (NSA) that has been active for at least 14 years and is considered as severe as Stuxnet. The agency has successfully embedded nearly-invisible spying software into hard drives of different manufacturers. The virus was injected in the firmware of the drives that boots up when the PC is turned on.
According to Kaspersky, getting the malicious code into a drive's firmware wouldn't be possible without the help of the manufacturers.
"Theoretically, we were aware of this possibility, but as far as I know this is the only case ever that we have seen of an attacker having such an incredibly advanced capability," said Costin Raiu, director of Kaspersky Lab's global research and analysis team, in a phone interview Monday.
Among the affected brands are: Seagate, Toshiba, Samsung and other top manufacturers. Target of the campaign were institutions in countries including Iran, Russia, Pakistan, Afghanistan, India and China.
Regular anti-virus programs would not discover the malware, and computers with such drives inside would offer all the information available on them to the spy agency controlling them.
Read more -here-