By Jamie Hinks
A new US National Security Agency (NSA) spying campaign has been uncovered that involved baking spying software deep inside hard drives made by some of the world’s largest hard drive manufacturers.
Security researchers from Kaspersky Lab discovered that spies acting on behalf of the government found a way to exploit the source code to place malicious software in the firmware of drives made by the likes of Western Digital, Seagate, Toshiba, Samsung and many more.
Kaspersky declined to publicly name and shame the country behind the program yet it did confirm it is closely linked to the NSA-led Stuxnet cyberweapon that has been used against targets such as Iran in the past.
Spies worked hard to find out how to bake malicious software into the hard drive firmware and Kaspersky researcher Costin Raiu explained that the authors must have had access to the proprietary source code in order to rewrite the hard drive operating system.
To recover the information all that needed to happen was for the user to insert an infected CD or USB drive into a PC connected to the internet.
The NSA didn’t comment on the reports although Reuters spoke to a former NSA employee who confirmed that Kaspersky’s analysis …read more