NSA managed to create a smart virus that can hide in a hard drives own firmware
Ron Czapala
Posts: 2,418
https://bgr.com/2015/02/17/nsa-hard-drive-firmware-virus/
Russian researchers expose breakthrough U.S. spying program
http://www.reuters.com/article/2015/02/16/us-usa-cyberspying-idUSKBN0LK1QV20150216Drives from multiple companies have been found to contain the virus, including Western Digital, Seagate, Toshiba, IBM, Micro Technology and Samsung. Of those, Western Digital, Seagate and Micron said they have no knowledge of the matter, while Toshiba and Samsung did not comment.
According to Kaspersky, getting the malicious code into a drives firmware is not an easy task, and cant be done with help of public tools, meaning that the NSA had to have access to source codes for hard drives produced by these companies.
Russian researchers expose breakthrough U.S. spying program
(Reuters) - The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.
That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.
Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said.
Comments
It's exactly this kind of thing he has been warning about since forever, but many refused to take him seriously.
Now, what about all those other embedded controllers in our systems, SD cards, USB devices, etc etc.
I have never actually visited a physcial branch of my main bank. It is all on-line and far far away in the USA in a state I haven't been to in nearly 50 years. Should I worry?
Welcome to Cyberia. I guess all these hard disk hacks would have to be done at factories in Thailand, Malaysia, or maybe Mexico.
Could it be that everything is safe in storage on the Cloud? (Nah....)
Or Kaspersky is a KGB front that is retaliating for Russia with mis-information.
On the other hand, if I just keep my computer turned off --- nothing can happen to the hard-disk, right?
BTW, your SIM card may not be secure either.
http://www.engadget.com/2015/02/20/gemalto-investigates-spy-hacks/
So far so good. But what happens when governments, regimes change? What happens when America, or other place, get's an other scourge like the McCarthy witch hunts of the 1950's, although about some other issue perhaps, and you are on the wrong side?
What happens when you have found a good deal but mysteriously find someone has put a road block in your path or got there before you. Corruption in government is not rare. And now government has everything at it's finger tips.
So yes, I find "Cyberia" disturbing and will always encourage the young to think about it. Seems increasingly more are doing so. You and I are probably to old to have much of a stake in that future though.