The most recent US National Security Agency (NSA) campaign has been detected inserting spying malware deep into hard drives produced by the world’s greatest hard drive providers.
Security professionals at Kaspersky Lab revealed that spyware is actually acting on behalf of the government. The criminals found a way to use the source code in order to infect the firmware of drives produced by companies such as Western Digital, Toshiba, Samsung and many others with malicious malware.
The researchers at Kaspersky did not publicly reveal the name or the country behind the malicious campaign yet. However, Kaspersky Lab confirmed that the attack is linked to the NSA-led Stuxnet which has been used in the past to target Iran or other similar targets.
Attackers put much effort to discover how to insert the spyware into the hard drive firmware. In addition, Costin Raiu, a security expert at Kaspersky Labs, indicated that attackers must have had open access to the source code to adapt the hard drive’s operating system.
In order to restore the data, the user only had to insert a compromised CD or USB drive into a device connected to the Internet.
The NSA did not provide any comments on the reports. However, Reuters announced that former NSA employees indicated that Kaspersky’s report was credible.
Kaspersky Lab identified over a dozen companies that were the victims of NSA, including IBM, Seagate, Western Digital, Samsung and other popular hard drive manufacturers.