Spying software that could eavesdrop on the majority of the world’s computers undetected has been identified by cyber researchers buried deep within hard drives made by top manufacturers.
The spying program was discovered by the Moscow-based security software Kaspersky Lab in personal computers in over 30 countries including Iran, Russia, Pakistan, Afghanistan and China.
Although the security lab declined to publicly name the country behind the software, it indicated that it was closely linked to Stuxnet, the NSA-led cyber-weapon, pointing the finger at the US intelligence gathering agency.
The targets included government and military institutions, telecommunication companies, banks, energy firms, nuclear researchers and Islamic activists, Kaspersky said.
The report published on Monday also included technical details of its research, which might help infected institutions detect the malware, some of which goes back as far as 2001.
The complexity of the spying program was a “technological breakthrough”, Kaspersky said, because the malicious software was fixed in the obscure code called firmware that launches every time a computer is turned on.
Lead Kaspersky researcher Costin Raiu said the authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives. That code can serve as a roadmap to vulnerabilities, allowing those who study it to launch attacks much more easily.
“There is zero chance that someone could rewrite the hard drive operating system using public information,” Raiu said.
A former NSA employee told Reuters that Kaspersky's analysis was correct and that people still in the spy agency valued these espionage programs as highly as Stuxnet. A spokesperson for the NSA said it was aware of the report but would not comment on it, according to the news agency.
Kaspersky has exposed a string of Western cyberespionage operations in the past.