
posted by martyb on Tuesday February 17 2015, @01:15PM
from the lack-of-hard-evidence dept.

Three stories have been received which describe Kaspersky's malware analysis and their findings. Perhaps of equal interest is that all three reports suggest that the malware may be linked to the NSA. One also notes that CDs sent through the USPS (United States Postal Service) seem to have been intercepted and modified. I'll let you draw your own conclusions and I look forward to the ensuing discussion.

The Newly-Discovered "Equation Group" Deemed World's Top Hackers

Kaspersky declined to publicly name the country behind the spying campaign, but Wired points to some possible NSA connections:

Although the researchers have no solid evidence that the NSA is behind the tools and decline to make any attribution to that effect, there is circumstantial evidence that points to this conclusion. A keyword—GROK—found in a keylogger component appears in an NSA spy tool catalog leaked to journalists in 2013. The 53-page document details—with pictures, diagrams and secret codenames—an array of complex devices and capabilities available to intelligence operatives. The capabilities of several tools in the catalog identified by the codenames UNITEDRAKE, STRAITBAZZARE, VALIDATOR and SLICKERVICAR appear to match the tools Kaspersky found. These codenames don’t appear in the components from the Equation Group, but Kaspersky did find “UR” in EquationDrug, suggesting a possible connection to UNITEDRAKE (United Rake). Kaspersky also found other codenames in the components that aren’t in the NSA catalog but share the same naming conventions—they include SKYHOOKCHOW, STEALTHFIGHTER, DRINKPARSLEY, STRAITACID, LUTEUSOBSTOS, STRAITSHOOTER, and DESERTWINTER.


NSA Exploits Hard Drive Firmware for Spying

In not-so-surprising news, the NSA has yet another method in its IT bag of tricks. From the article:

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.

That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.

My first thought was: how can I even protect against this?

Now might be a good time for manufacturers to checksum and sign all firmware versions they release for their drives, and to provide utilities for validating said checksums.

That being said, if they are a US-based supplier, how can we even be certain they haven't been "asked" to distribute (and "forget") it by default for their "international" customers?
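One way to implement the signed-firmware validation suggested above, as an added example in Go that is not code from the page or from any drive manufacturer (the Manifest layout, the model/version binding and the function names are assumptions):

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Manifest is a hypothetical vendor-published record: the image's SHA-256
// plus an Ed25519 signature binding that digest to a drive model and version.
type Manifest struct {
	Model, Version string
	SHA256         [32]byte
	Signature      []byte
}

// NewVendorKey creates the vendor signing pair; only the public half ships.
func NewVendorKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// signingInput binds model and version into the signed bytes so a manifest
// for one drive or version cannot be replayed to bless another image.
func signingInput(m Manifest) []byte {
	return append([]byte(m.Model+"\x00"+m.Version+"\x00"), m.SHA256[:]...)
}

// SignFirmware is the vendor side: hash the image and sign the bound digest.
func SignFirmware(priv ed25519.PrivateKey, model, version string, image []byte) Manifest {
	m := Manifest{Model: model, Version: version, SHA256: sha256.Sum256(image)}
	m.Signature = ed25519.Sign(priv, signingInput(m))
	return m
}

// VerifyFirmware is the user-side utility: recompute the digest of the image
// about to be flashed, compare it, then check the vendor signature.
func VerifyFirmware(pub ed25519.PublicKey, m Manifest, image []byte) error {
	if sha256.Sum256(image) != m.SHA256 {
		return fmt.Errorf("digest mismatch for %s %s: image altered or wrong manifest", m.Model, m.Version)
	}
	if !ed25519.Verify(pub, signingInput(m), m.Signature) {
		return fmt.Errorf("bad signature for %s %s: wrong vendor key or edited manifest", m.Model, m.Version)
	}
	return nil
}
```

A passing check says only that the image matches what the key holder signed; it does not settle the supplier-trust question raised above.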

How “Omnipotent” Hackers Tied to NSA Hid for 14 Years—and Were Found at Last

In 2009, one or more prestigious researchers received a CD by mail that contained pictures and other materials from a recent scientific conference they attended in Houston. The scientists didn't know it then, but the disc also delivered a malicious payload developed by a highly advanced hacking operation that had been active since at least 2001. The CD, it seems, was tampered with on its way through the mail.

It wasn't the first time the operators—dubbed the "Equation Group" by researchers from Moscow-based Kaspersky Lab—had secretly intercepted a package in transit, booby-trapped its contents, and sent it to its intended destination. In 2002 or 2003, Equation Group members did something similar with an Oracle database installation CD in order to infect a different target with malware from the group's extensive library. (Kaspersky settled on the name Equation Group because of members' strong affinity for encryption algorithms, advanced obfuscation methods, and sophisticated techniques.)

Related Stories

Phoenix666 - Training - Crowdsourcing the Transcription of CIA Documents 17 comments

The National Archives are asking for volunteers to transcribe thousands of pages of declassified CIA documents. The endeavour is part of Sunshine Week, which is an open-government initiative started by a group of newspaper editors to educate people about the importance of government transparency and the dangers of excessive state secrecy.

You can browse some of the raw documents here.

[Editor's Note: The dates on most of the CIA documents are 25 years old or older, so perhaps are of more interest to amateur historians than government transparency watchdogs.]

  • (Score: 1, Informative) by Anonymous Coward on Monday February 23 2015, @07:37PM

    by Anonymous Coward on Monday February 23 2015, @07:37PM (#28292)

    @#1111

    • (Score: 0, Redundant) by janrinok on Wednesday March 04 2015, @11:10AM

      by janrinok (52) on Wednesday March 04 2015, @11:10AM (#28298) Journal

      The AC makes a point - neither a good nor bad one, just a point.

      --
      It's always my fault...
  • (Score: 2, Flamebait) by janrinok on Wednesday March 04 2015, @11:09AM

    by janrinok (52) on Wednesday March 04 2015, @11:09AM (#28297) Journal

    But those over 60 have fared much better than younger age groups.

    State pensions are "triple-locked", which means they have risen by inflation, earnings or 2.5%, whichever is the highest.

    As a result many pensioners have seen their incomes rise by a relatively generous amount.

    --
    It's always my fault...