Tuesday, February 17th 2015
NSA Hides Spying Backdoors into Hard Drive Firmware
Russian cyber-security company Kaspersky Labs exposed a breakthrough U.S. spying program, which taps into one of the most widely proliferated PC components - hard drives. With the last 5 years seeing the number of hard drive manufacturing nations reduce from three (Korean Samsung, Japanese Hitachi and Toshiba, and American Seagate and WD) to one (American Seagate or WD), swallowing-up or partnering with Japanese and Korean businesses as US-based subsidiaries or spin-offs such as HGST, a shadow of suspicion has been cast on Seagate and WD.
According to Kaspersky, the American cyber-surveillance agency, the NSA, is taking advantage of the centralization of hard-drive manufacturing to the US, by making WD and Seagate embed its spying back-doors straight into the hard-drive firmware, which lets the agency directly access raw data, agnostic of partition method (low-level format), file-system (high-level format), operating system, or even user access-level. Kaspersky says it found PCs in 30 countries with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.
Kaspersky claims that the HDD firmware backdoors are already being used to spy on foreign governments, military organizations, telecom companies, banks, nuclear researchers, the media, and Islamic activities. Kaspersky declined to name the company which designed the malware, but said that it has close ties to the development of Stuxnet, the cyber-weapon used by NSA to destabilize Iran's uranium-enrichment facilities.
Kaspersky claims that the new backdoor is perfect in design. Each time you turn your PC on, the system BIOS loads the firmware of all hardware components onto the system memory, even before the OS is booted. This is when the malware activates, gaining access to critical OS components, probably including network access and file-system. This makes HDD firmware the second most valuable real-estate for hackers, after system BIOS.
Both WD and Seagate denied sharing the source-code of their HDD firmware with any government agency, and maintained that their HDD firmware is designed to prevent tampering or reverse-engineering. Former NSA operatives stated that it's fairly easy for the agency to obtain source-code of critical software. This includes asking directly and posing as a software developer. The government can seek source-code of hard drive firmware by simply telling a manufacturer that it needs to inspect the code to make sure it's clean, before it can buy PCs running their hard-drives.
What is, however, surprising is how "tampered" HDD firmware made it to mass-production. Seagate and WD have manufacturing facilities in countries like Thailand and China, located in high-security zones to prevent intellectual property theft or sabotage. We can't imagine tampered firmware making it to production drives without the companies' collaboration.
Source:
Reuters via Yahoo
134 Comments on NSA Hides Spying Backdoors into Hard Drive Firmware
Risk vs reward analysis: This would've come to light way sooner if they did that. No. They aren't that stupid.
We'll have to wait for a detection tool to find out for sure.
The blockchain does hold some interesting data when analyzed. None of it is anything other than a mild curiosity however.
Yes, focusing only on the HDD firmware stuff is scaremongering (LOL), but the entirety of the thing is very interesting. I can't understand why anyone wouldn't be interested, this is James Bond stuff!
All of those countries on the list are of particular CIA/NSA interest. North Korea would probably be on the list too but they don't use Kaspersky. I highly doubt it was deliberate. If Seagate/Western Digital knew what the NSA was up to, they'd sue the NSA for IP theft and most likely win.
Remember: the NSA successfully sabotaged Iran's centrifuges; 'nuff said.
Just like any police station.. there is probably at least one cop that you could call dirty but when it comes down to it that cop would save your life from a real criminal.
I'm a United States citizen and I love my country and thank god I don't live in Russia or the Middle East. I can't count on all my fingers and toes all the people in my family alone that have served in the military and worked for various government organizations. I would be in the military myself but I can't because I have Crohn's disease.
What is new about this? Nothing at all.. they do what they do and you have nothing to worry about if you're not breaking laws.
If countries want to be scared about American made technology and not buy it so what.. no awesome Intel CPUs for you then.
We could use our industry and jobs back anyway... some of the stuff we get from other parts of the world is serious crap that we don't need at all.
Yup, load up the manufacturing lines with the lowest quality stuff we got since this order is going to the United States even though they will come in guns blazing for us if we ever ask for help.
Let me paraphrase: "you have nothing to worry about if" if you're an obedient government pawn. Step out of line and they know more about you than you know about yourself. Information is power.
It's a scary world we live in and people saying things like "if you've got nothing to hide, why worry?" really need to think about what they are endorsing.
But now *I* am getting too political... :P
Believe it or not nearly everyone thinks they are doing good. Doesn't matter what it is. And the propaganda apparently works great to divide people along ideological lines that make no sense. How do you think the Nazis came to being, and every other similar regime? Atrocities are committed by "good" people just doing their job and following the herd. It's easy to believe it's right and good when most everyone around you is doing the same thing. Demonize a group and then pile on. And the few who protest are traitors, cowards, terrorists. Which makes it that much easier to decide to go along. Not many are willing to risk their lives for a principle... particularly when doing so would be futile.
None of the totalitarian regimes in the past had anything like the kind of information the NSA is accumulating. Add to that the drone and robotic advances that will soon make it easy for a handful of people under the auspices of the government to wield incredible power over a large population.
The guys who founded this country were well aware of the dangers of power. This is power like the world has never seen before and should be illegal according to our constitution... but for some reason it's allowed.
There is a campaign of fear and it will render us all weak and powerless if we let it.
If you like rock music and some food for thought.. Tool showed me many things about what we all really are.
Fear is exactly how this whole thing is sold. Be very afraid of what the "terrorists" will do. Save us Big Brother! We have nothing to hide... we trust you... we *love* you!
yeah.... the NSA is all above-board...
firstlook.org/theintercept/2015/02/19/great-sim-heist/
He had two choices after spilling the beans. Come back to the US and spend the rest of his life in jail, or seek asylum. Russia was the only place he was safe. When the Bolivian president (while at a meeting in Russia) stated that Snowden might be allowed asylum, his plane was redirected and searched on the way home. So ya... leaving Russia could be risky.