Watching Everyone: NSA Hides Snooper Spyware on Gov't Hard Drives Worldwide

MOSCOW (Sputnik) — Spying software has been hidden on computer hard drives in countries all over the world, targeting governments and financial institutions, among other victims, says new research by Kaspersky Lab, a Moscow-based antivirus and internet security software company.

Kaspersky calls hackers behind the espionage program the 'Equation Group', and in the security firm's estimation, the group's malware has infected computers in more than 30 countries, including Afghanistan, China, Iran, Pakistan, Syria, and Russia.

While Kaspersky Lab has not linked the Equation Group to any organization in particular, Reuters reported on Monday that the US National Security Agency (NSA) was responsible for the spyware. Kaspersky noted only that the spying campaign was strongly linked to Stuxnet, an NSA cyberweapon once used to to carry out cyberattacks on Iran's nuclear program. A former NSA operative told Reuters that concealing spyware on computer hard drives made by firms such as Digital Corp, IBM, Micron, Samsung, Seagate, Toshiba, and Western Digital had become a "prized technique" of the NSA, with another ex-intelligence employee saying that the security agency valued these programs very highly.

The victims of the spying software consist of the PCs of over 500 organizations worldwide, including government and military institutions, telecommunications firms, companies in the energy sector, nuclear researchers, financial institutions, media, and cryptography companies, as well as Islamic activists, Kaspersky Lab said. Along with Iran, Russian government and military institutions and energy companies are believed to have been among the most active targets of the malware. The Kaspersky report, released Monday, revealed that some of these spyware programs trace back nearly fifteen years, lodged in the firmware of computers, enabling it to infect machines repeatedly.

The US National Security Agency has been under intense scrutiny at home and abroad since 2013, when NSA whistleblower Edward Snowden confirmed massive global surveillance programs conducted without a warrant and the agency's habit of sifting through databases in search of information on private US and foreign citizens, as well as that of leaders of allied countries.

Robert Steele, a former CIA case officer turned open-source intelligence activist, told RT that clandestine NSA intelligence-collecting programs go back to the 1980s, and that "for 25 years, not only has the US government refused to be responsible about cybersecurity, but they have allowed the NSA to put in so many infantile backdoors, that it was NSA that created the hacker's paradise, and nobody else!"

Some experts now fear that the revelation of these new spying tools may result in a move away from Western computer software and hardware firms, given that it is unclear just how the NSA was able to obtain hard drives' source code. In the US, the government is able to request the code in the form of a security audit to make sure the source code is safe. China is in the process of drafting regulations for banking-related technology suppliers to provide the government with copy of software coding for inspection, Reuters explained.