“U.S. Embedded Spyware, Report Says”
The New York Times, February 17, 2015, p.B1
“The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm. In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the ‘Equation Group,’ which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command. … It detected particularly high infection rates in computers in Iran, Pakistan and Russia, three countries whose nuclear programs the United States routinely monitors. Some of the implants burrow so deep into the computer systems, Kaspersky said, that they infect the ‘firmware,’ the embedded software that preps the computer’s hardware before the operating system starts. It is beyond the reach of existing antivirus products and most security controls, Kaspersky reported, making it virtually impossible to wipe out. In many cases, it also allows the American intelligence agencies to grab the encryption keys off a machine, unnoticed, and unlock scrambled contents. Moreover, many of the tools are designed to run on computers that are disconnected from the Internet, which was the case in the computers controlling Iran’s nuclear enrichment plants. … The fact that security software made by Kaspersky Lab is not used by many American government agencies has made it more trusted by other governments, like those of Iran and Russia, whose systems are closely watched by United States intelligence agencies. That gives Kaspersky a front-row seat to America’s digital espionage operations. Basing its estimate on the time stamps in code, the Kaspersky presentation said the Equation Group had been infecting computers since 2001, but aggressively began ramping up their capabilities in 2008, the year that President Obama was elected, and began doubling down on digital tools to spy on adversaries of America.”
Quickie Analysis: Above my pay grade.