Is our cybersecurity as a populace in the United States safe?
According to the Moscow-based security software maker, Kaspersky Lab, Americans may have another reason to not trust their government. The company recently revealed that the U.S. National Security Agency, or NSA, has developed a method to disguise and hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba, IBM, Samsung, and other top manufacturers. With this, the agency can now eavesdrop on the majority of the world's computers according to The Huffington Post.
One or more of the NSA spying programs infect personal computers in about 30 countries. Infections are diagnosed as taking place in Algeria, Yemen, Mali, Syria, China, Afghanistan, Pakistan, and Russia, with the most originating out of Iran. According to Kaspersky (via The Huffington Post), targets are mostly Islamic activists, media, government and military institutions, energy companies, nuclear researchers and banks.
Kaspersky has gone on record saying that the NSA could "conduct surveillance on the majority of the world's computers." Kaspersky also reports that it found a series of different backdoors and detected the variants throughout different countries around the globe. Although the Moscow-based firm does not explicitly name the NSA, according to Reuters, the software used is linked to Stuxnet — a worm developed by the NSA. A former NSA employee confirmed to Reuters that it "had developed the prized technique of concealing spyware in hard drives."
A collective known as The Equation Group has been called the authors of the backdoors utilized in hard drives. Meanwhile, the NSA has refused to comment on its alleged activities. To break down just how The Equation Group's backdoors work, consider this: Backdoors rely on malicious software in the firmware of hard drives, which prompt every time a computer boots. Kaspersky claims that the software represents a "technological breakthrough" which allows it to "infect the computer over and over again" and would have required access to proprietary source code to develop.
The firm has published its research, which you can read for yourself here, and the infected institutions are hoping to use this information to discover the malignant spyware on their networks. The secret project is said to have been going on since 2001, so you can imagine how many hard drives have been affected. With that said, researchers are claiming that those operating the backdoors have been highly selective and "only established full remote control over machines belonging to the most desirable foreign targets."
So, that means unless you're a top scientist with premium access to launch codes or a radical activist, you're probably not on anyone's radar...for now.