US govt can spy on and sabotage computers

By on
US govt can spy on and sabotage computers

The internet is a dangerous place for an unprotected PC.

Everybody knows there are cybercriminals out there looking to steal your information through compromised websites or malicious software, aka malware. But what happens when your own country's government is the one doing the snooping?

The US government has developed spyware designed to invade your computer and sit on your hard drive's firmware, watching everything you do.

According to a report from Kaspersky Lab, the spyware is found deep within the computers of government and military institutions, as well as the computers of telecommunication companies, banks, energy companies, nuclear researchers, media outlets, and Islamic activists.

While only apparent on high-level computers in 30 countries, it's worth noting that almost all are nations of high-interest to the US, including Iran, Russia, Pakistan, Afghanistan, and China.

But what makes a firmware-level malicious software so much more dangerous than the regular threat that your antivirus software quashes?

"For anyone looking to compromise individual machines, having firmware level access is a bit of a holy grail," Chris Boyd, malware intelligence analyst at Malwarebytes, told PC Pro. "These types of infection sit at the deepest possible level, potentially bouncing back even if you wipe your hard drive."

Can anything be done to combat said infection? Chris doesn't seem to think so: "If your firmware is corrupted in this way, you may wish to hurl the drive in the bin and start again."

This certainly sounds like something out of an absurd late-90s sci-fi film, but Kaspersky's findings raise alarm bells about the security and privacy individuals actually have from governments.

While Kaspersky didn't name the country responsible for infiltrating computer hard drives, it's believed the spyware was linked to Stuxnet - a cyberweapon thought to have been created by a US-Israeli partnership, although this has never been proven.

However, Reuters claims to have confirmation from a former NSA employee adding credence to Kaspersky's findings.

Kaspersky's research shows the spyware works on most major hard drives, including those from Western Digital, Segate, Samsung, Toshiba, Micron and IBM.

Interestingly, according to Neowin, Western Digital, Seagate and Micron said they had no knowledge of such spyware existing on their devices, which leaves the question of how it got on there in the first place.

PC Pro has approached Kaspersky Labs for comment on its research, but hadn't received a response at the time of publication.

This article originally appeared at pcpro.co.uk

Copyright © Alphr, Dennis Publishing
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

As a reseller, this year would you prefer to...
Do more business with my current vendors
Add new vendors and grow business with them
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?