The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations. Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists.
The hardware will be able to infect the computer over and over.
Lead Kaspersky researcher Costin Raiu
The disclosure could further hurt the NSA’s surveillance abilities, already damaged by massive leaks by former contractor Edward Snowden. Kaspersky’s reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. The exposure of these new spying tools could lead to greater backlash against Western technology, particularly in countries such as China, which is already drafting regulations that would require most bank technology suppliers to proffer copies of their software code for inspection.