The U.S. has succeeded in embedding virtually untouchable “implants” that are capable of spying on and even damaging foreign computer networks, according to a new report from a Russian cybersecurity company.
Kaspersky Lab says the malicious spyware is the work of a shadow entity called the Equation Group, which has allegedly infiltrated networks in Iran, Russia, Pakistan and Afghanistan. The report says India, China and Syria are some of the other nations with a “high infection rate.”
According to Kaspersky, the implants are different from other cyberattacks in that they directly infect a computer’s firmware — the software that links directly to the hard drive.
This means the malware is beyond the reach of most antivirus and security products, and is immune to efforts to wipe clean or even replace hard drives, since it can be recalled at will. It can also unravel a system’s encryption and permanently store data in a hidden area, says Kaspersky.
“It means that we are practically blind and cannot detect hard drives that have been infected by this malware,” said Costin Raiu, director of Kaspersky Lab’s Global Research and Analysis Team.
“Your computer won’t boot up and you can’t use it,” Andrew Regenscheid of the National Institute of Standards and Technology told the New York Times in an interview, explaining the effect of a firmware infection. “You have to replace the computer to recover from that attack.”
Write to Rishi Iyengar at rishi.iyengar@timeasia.com