Advertisement

NSA spyware hiding hard drives made by WD, Seagate and others report says

by Brandon Russell | February 17, 2015February 17, 2015 9:00 pm PDT

encryption-NSA-spying_SS_127879991_090613-617x416

Russian security researchers from Kaspersky Lab claim the NSA has found a way to hide spying software deep inside hard drives, giving the agency free reign to eavesdrop on your computer activity.

Kaspersky alleges the “closely guarded” ability is part of a larger spying conspiracy originating from Western cyberespionage operations—dubbed “the Equation group”—which is targeting government and military institutions overseas. Hard drives affected by the operation include those made by top names like Seagate, Western Digital, Toshiba, Samsung and more; the very same technology found inside your laptop/desktop.

Some of the spying programs trace back as far as 2001, according to Kaspersky. The research firm said it spoke to a former NSA employee who apparently confirmed the research; one of the spying programs identified is closely linked to Stuxnet, which was used to attack Iran’s uranium enrichment facility. Another former NSA employee told Reuters that concealing spyware in hard drives is one of the agency’s prized spying methods, because it’s discreet and difficult to identify.

Kaspersky completely breaks down how the spyware works, including how institutions affected by the software can detect if they’ve been hit. The technology is apparently lodged in a hard drive’s firmware, which launches every time a computer turns on. This allows the software to infect the computer over and over, making it easy for spies to view disk drive information.

According to Kaspersky’s Costin Raiu, the spies managed to gain access to source code that directs the actions of the hard drives, allowing the spies to easily launch these attacks. Kaspersky didn’t offer any theories as to how they gained access to the source code—spokesman for Western Digital and Seagate said they take security seriously, and did not provide source code to any government agencies. One former operative said spies will sometimes act as a software developer to obtain source code.

A handy graph is pasted below to show the breadth of the Equation infection, which spans several countries across the globe.

CYBERSECURITY-USA

Yahoo

Brandon Russell

Brandon Russell enjoys writing about technology and entertainment. When he's not watching Back to the Future, you can find him on a hike or watching...

Advertisement

Advertisement

Advertisement