NSA has infected computer hardware with spyware at the firmware level: even NEW computers are infected from day one

The National Security Agency no longer needs computers to be connected to the Internet in order to spy on the vast majority of computer users.

A top Russian security software maker has discovered that personal computers in some 30 countries have been infected with surveillance programs that the U.S. spy agency had placed inside them during the manufacturing process. What’s more, the Russian firm notes, the process has been going on for more than a decade.

As reported by Britain’s Daily Mail newspaper, in its online edition:

The Moscow-based security software maker Kaspersky Lab said it has found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists.

“Almost two decades“

Kaspersky says that the NSA began infecting computers in 2001, but that the effort was increased following the election of Barack Obama as president in 2008.

In comments to the Daily Mail, Kaspersky noted that the level of deceit “surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades.”

In addition, hard drive manufactures were not even aware that the NSA was installing the spying programs, with the agency obtaining source codes by going as far as posing as software developers, say former intelligence operatives. In addition, the agency would tell companies that the federal government required them to undergo a security audit, in order to make sure their source code was safe.

Kaspersky says that NSA operatives managed a technological breakthrough after discovering how to place malicious software in the hardware-based code known as firmware, which launches every time a computer is turned on.

Firmware on disk drives is considered as the second-most valuable space on a PC for a hacker, say spies and cyber security experts. First is a computer’s BIOS code, which is referenced during the computer boot-up phase.

“The hardware will be able to infect the computer over and over,” said lead Kaspersky researcher Costin Raiu in an interview with the British publication.

“Stuxnet”

Raiu said that the NSA has been selective about which machines it sought to fully control remotely, choosing the most desirable foreign targets. He said that, technically, the still-active program could enable the spy agency to take control over thousands of PCs, thus giving the NSA the capability to steal files or eavesdrop on just about anything. He further stated that his firm only discovered a few especially high-value computers that had been infected.

The cybersecurity firm did not publicly name the country behind the massive spying campaign, but noted that it was linked closely to the Stuxnet worm/virus, which is an NSA-led cyber-attack weapon used to disable portions of Iran’s uranium enrichment processes in recent years. Reports stated that the U.S. and Israel may have been behind those Stuxnet attacks.

In June 2012, The New York Times reported:

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

Raiu, a former NSA employee according to the Daily Mail, told British newswire service Reuters that Kaspersky’s analysis was spot-on, and that there were people still working for NSA who valued the computer espionage programs as much as they did Stuxnet.

“Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it,” the Mail reported.

Sources:

http://www.dailymail.co.uk

http://www.nytimes.com