Western Digital Claims to Be Unaware of Alleged NSA Spy Program

WASHINGTON (Sputnik) — US computer hardware manufacturer Western Digital had no prior knowledge of an alleged US National Security Agency (NSA) program that infiltrated computer hardware to spy on foreign entities, a company representative told Sputnik on Tuesday.

“Prior to the report, we had no knowledge of the described cyber-espionage program. We take such threats very seriously. The integrity of our products and the security of our customers’ data are of paramount importance to us,” Western Digital’s Media Relations Director Steve Shattuck said.

On Monday, the Russia-based computer security company Kaspersky Labs published a report documenting an advanced hacking operation conducted by a group dubbed the Equation Group. The cybersecurity firm revealed the program had led to approximately 500 infections in at least 30 countries, including Russia, Iran, Pakistan, Afghanistan, India, and Syria.

The program targeted banks, foreign governments, embassies, energy and infrastructure, militaries, media, telecommunications sectors and Islamist groups, Kaspersky said. While Kaspersky declined to state that NSA was behind the program, it did say the program was linked to Stuxnet, an NSA program designed to slow down Iran’s nuclear program.

According to Kaspersky, a spy agency was able to place malicious software code in the firmware of hard drives. Unlike traditional malicious software, the firmware spying program would enable the spy agency to control and monitor computers without being detected. The Kaspersky report did not mention how a spy agency was able to install malicious hardware and gain access to privately held proprietary source code information to target foreign computers for espionage.

Shattuck said Western Digital was constantly evaluating how to protect hardware drives and customer data.

“We are in the process of reviewing the report from Kaspersky Labs and the technical data set forth within the report,” Shattuck said.

Responding to Sputnik requests, the NSA said the spy agency is aware of the Kaspersky report but would not comment publicly.

“The U.S. Government calls on our intelligence agencies to protect the United States, its citizens, and its allies from a wide array of serious threats — including terrorist plots from al-Qaeda, ISIL, and others; the proliferation of weapons of mass destruction; foreign aggression against ourselves and our allies; and international criminal organizations,” NSA said, adding that the agency complies with presidential decrees governing signals intelligence gathering.

A January 2014 Presidential Policy Directive on signals intelligence said some spy activities pose a risk to the United States’ commercial interests, including a potential loss of trust in US firms.