The NSA has reportedly found ways to avoid even the strongest security measures

The U.S. intelligence community has found ways to avoid even the strongest of security measures and practices, a new report from Moscow-based Kaspersky Lab suggests, demonstrating a range of technological accomplishments that place the nation's hackers as among the most sophisticated and well resourced in the world.

Hackers who are part of what the cybersecurity researchers call "Equation Group" have been operating under the radar for at least 14years, deploying a range of malware that could infect hard drives in a wayalmost impossible to remove and cold hide code in USB storage devicesto infiltratenetworks kept separate from the Internet for security purposes.

Kaspersky's report did not say the U.S. government wasbehind the group. But it did say the group was closely linked to Stuxnet -- malware widely reported to have been developed by the National Security Agency and Israel that was used in an attack against Iran's uranium enrichment program -- along with other bits of data that appear to align with previous disclosures. Reuters further linked the NSA to the Kaspersky report, citing anonymous former employees of the agency who confirmed Kaspersky's analysis.

NSA spokesperson Vanee Vines said in a statement that the agency was aware of the report, but would not comment publicly on any allegations it raises.

The Kaspersky report shows a highly sophisticated adversarythat has found ways to worm itself into computers with even the strongest of security measures in place. This matches up with what we know about other NSA efforts from documents leaked by former NSA contractor Edward Snowden, which showed efforts to undermine encryption and evade the protections major tech companies used to guard user data.

But the new report paints a more detailed picture of the breadth of the agency's reported offensive cyber arsenal. And unlike other recent revelations about U.S. government snooping, which have largely come from Snowden, the insights from Kaspersky came from examining attacks found in the digital wild. Victims were observed in more than 30 countries, withIran, Russia, Pakistan and Afghanistan having among the highest infection rates, according to the report.

One of the most sophisticatedattacks launched by theEquation Group lodged malware deep into hard drives, according to Kaspersky. It worked by reprogramming the proprietary code, called firmware, built into the hard drives themselves. That allowed for persistent storage hidden inside a target system that could survive the hard drive being reformatted or an operating system being reinstalled, the report says.

The code uncovered by Kaspersky suggests the malware was designed to work ondisk drives of more than a dozen major manufacturers -- including those from Seagate, Western Digital, Toshiba, IBM and Samsung. But the report also notes that this particular technique seemed to be rarely deployed, suggesting that it was used only on the most valuable victims or in unusual circumstances.

The Kaspersky report also said the group found ways to hide malicious files within aWindows operating system database on the targets' computer known as the registry -- encrypting and stashing the files so that they would be impossible to detect using antivirus software.

Equation Group also found ways to infiltratesystemsthat were kept off the Internet for security purposes -- commonly known as "air-gapped" networks. Malware used by the hackers relied on infected USB sticks to map out such networks -- or even remotely deploy code on them, according to the report.

Go here to see the original:

The NSA has reportedly found ways to avoid even the strongest security measures

Related Posts

Comments are closed.