The U.S. has succeeded in embedding virtually untouchable “implants” that are capable of spying on and even damaging foreign computer networks, according to a new report from a Russian cybersecurity company.
Kaspersky Lab says the malicious spyware is the work of a shadow entity called the Equation Group, which has allegedly infiltrated networks in Iran, Russia, Pakistan and Afghanistan. The report says India, China and Syria are some of the other nations with a “high infection rate.”
According to Kaspersky, the implants are different from other cyberattacks in that they directly infect a computer’s firmware — the software that links directly to the hard drive.
This means that it is beyond the reach of most antivirus and security products, and is immune to efforts to wipe clean or even replace hard drives since it can be recalled at will. It also has the ability to unravel a system’s encryption and permanently store data in a hidden area, says Kaspersky.
“It means that we are practically blind and cannot detect hard drives that have been infected by this malware,” said Costin Raiu, director of Kaspersky Lab’s Global Research and Analysis Team.
“Your computer won’t boot up and you can’t use it,” Andrew Regenscheid of the National Institute of Standards and Technology told the New York Times in an interview, explaining the effect of a firmware infection. “You have to replace the computer to recover from that attack.”
- The Fall of Roe and the Failure of the Feminist Industrial Complex
- What Trump Knew About January 6
- Follow the Algae Brick Road to Plant-Based Buildings
- The Education of Glenn Youngkin
- The Benefits and Challenges of Cutting Back on Meat
- Here's Everything New on Netflix in July 2022—and What's Leaving
- Women in Northern Ireland Still Struggle to Access Abortion More Than 2 Years After Decriminalization