Russian researchers Kaspersky Lab has uncovered surveillance platforms that hide in the firmware of hard drives. The hard drives of more than a dozen manufacturers are compromised, according to TechSpot.com. 500 computers in more than 30 countries have been affected by the malware.
The first instance of the infected hard drives began in 2001, which each new version surpassing the earlier in sophistication. The hard drive gives attackers the ability to take over an entire system, steal data, and monitor what the victim does, according to Wired. Kaspersky is calling the attackers the “Equation Group.” The spyware may have been involved in Stuxnet, a digital attack on Iranian computers in 2007. This is the most sophisticated spyware to date.
The researchers have not stated directly who they believe is behind the malware but some evidence points to the NSA. Over the past decade, military, government, nuclear research facilities, the media, nanotechnology researchers, extremist Islamic activists and scholars, and other individuals have been attacked in over 30 countries.
For the NSA to hide the surveillance system in the hard drives, they would have to had physically interrupt shipments, load the malware, repackage, then send them on to victims, or they would have posed as software developers and ask hard drive manufacturers for their source code.