A way of hiding spying software deep within hard drives manufactured by Western Digital, Seagate, Toshiba and others has recently been revealed. It has been demonstrated by the U.S. National Security Agency.
PCs in around 30 countries (including Iran, Afghanistan, Pakistan, China, Mali, Syria, Russia, Yemen and Algeria) have been infected with these spying programs, according to Kaspersky. The programs also target military and government institutions, banks, nuclear energy, telecommunication companies and Islamic activities. Kaspersky refused to name the company that actually crafted the malware, but it hinted slightly that the malware has close ties to the development of Stuxnet, the cyber-weapon used by the NSA to destabilize Iran’s uranium-enrichment facilities.
According to Kaspersky, the NSA, the American cyber-surveillance agency, is taking great advantage of the centralization of hard-drive manufacturing in the US by getting WD and Seagate to implant its surveillance back-doors directly into the hard-drive firmware. This gives the agency access to raw data regardless of partition method, file system, user access level or even operating system.
Kaspersky also claims that this highly dangerous backdoor has been designed very well. The agency made a technological breakthrough by working out how to lodge malicious software in the obscure code called firmware, which launches every time the PC reboots. It even loads before the OS launches. Once activated, it easily gains access to critical OS components, such as the file system and network access, making HDD firmware the second most valuable real estate for hackers, after the system BIOS.
Both Seagate and WD denied sharing HDD firmware source code with any government agency. They also maintained that their HDD firmware is designed to prevent tampering or reverse-engineering. However, former NSA operatives said that it is quite easy for the agency to acquire the source code of critical software. Its options include asking directly and posing as a software developer.
That is, the government can seek the source code of hard-drive firmware by telling a manufacturer that it needs to examine the code to make sure it is clean before buying any PCs running their hard drives.
Kaspersky called the authors of this spying program “the Equation group,” after their embrace of complex encryption formulas. The group used several means to spread other spying programs, such as compromising jihadist websites, infecting USB sticks and CDs, or creating a self-spreading malware called Fanny, Kaspersky said.
The most surprising part is how “tampered” HDD firmware made it to mass production. Seagate and WD have manufacturing facilities in countries like Thailand and China, located in high-security zones to prevent intellectual property theft or sabotage. We can’t really see tampered firmware making it into production drives without the companies’ cooperation.