Kaspersky Labs, the Russia-based computer security firm, has published a detailed analysis of what is almost certainly an NSA hack that has affected computers in at least 42 countries, some of them U.S. allies. Kaspersky calls the author of the malware the “Equation Group,” but there’s little question it’s the United States, and specifically the NSA.
Even by WC’s geeky standards, the details of the hack are, well, geeky, but here’s the heart of it: NSA has devised malware that places itself in an undetectable, unerasable part of a computer. The malware is designed so that if you reformat your hard drive – until now, the final solution for dealing with malware – the next time you start your computer up, the undetectable, unreadable bits reinstall the whole malware package.
And the malware gives the NSA a full menu of options, providing the government with everything from tracking your keystrokes to snaring your passwords to defeating your encryption and giving the NSA full access to each and every byte of data on your computer and any network to which it is connected. Ars Technica describes it:
Taken together, the accomplishments led Kaspersky researchers to conclude that Equation Group is probably the most sophisticated computer attack group in the world, with technical skill and resources that rival the groups that developed Stuxnet and the Flame espionage malware.
Now that’s just spiffy and wonderful when the NSA is going after genuine bad guys. But there are at least two problems: who are the “bad guys” and how does NSA keep the malware from finding its way into the hands of cybercrooks and other enemies?
Who knew that Great Britain was a “bad guy”? But they must be because the NSA has placed the malware package on dozens, perhaps hundreds of computer systems in the United Kingdom. And the Swiss. You see, if you have a really wonderful secret tool that lets you spy on your enemies, sometimes the temptation to spy on your friends is hard to resist. Just ask German Chancellor Angela Merkel.
But the really scary part is that the secrets are now out. It won’t be long before Chinese and Russian hackers have reverse-engineered the NSA’s malware, have it as a tool, and are installing it on U.S. computer systems. What goes around comes around. The crooks have already gone through U.S. protections like a hot knife through butter. Each week we read of new “penetrations,” ranging from Target Stores to Anthem Insurance. And those are the ones we know about. Now those thieves have even better tools, the kind of tools that are designed to be unstoppable. Undetectable.
You cannot stuff genies back into bottles. You can’t re-close the can of worms. Welcome to the brave new world the NSA has created for all of us.
Don’t say it won’t happen; say instead it is inevitable.