Monthly Archives: February 2015

U.S. Embedded Spyware Overseas, Report Claims

SAN FRANCISCO — The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm.

In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the “Equation Group,” which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command.

It linked the techniques to those used in Stuxnet, the computer worm that disabled about 1,000 centrifuges in Iran’s nuclear enrichment program. It was later revealed that Stuxnet was part of a program code-named Olympic Games and run jointly by Israel and the United States.

Kaspersky’s report said that Olympic Games had similarities to a much broader effort to infect computers well beyond those in Iran. It detected particularly high infection rates in computers in Iran, Pakistan and Russia, three countries whose nuclear programs the United States routinely monitors.

Some of the implants burrow so deep into the computer systems, Kaspersky said, that they infect the “firmware,” the embedded software that preps the computer’s hardware before the operating system starts. It is beyond the reach of existing antivirus products and most security controls, Kaspersky reported, making it virtually impossible to wipe out.

In many cases, it also allows the American intelligence agencies to grab the encryption keys off a machine, unnoticed, and unlock scrambled contents. Moreover, many of the tools are designed to run on computers that are disconnected from the Internet, which was the case in the computers controlling Iran’s nuclear enrichment plants.

Kaspersky noted that of the more than 60 attack groups it was tracking in cyberspace, the so-called Equation Group “surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades.”

Kaspersky Lab was founded by Eugene Kaspersky, who studied cryptography at a high school co-sponsored by the K.G.B. and once worked for the Russian military. Its studies, including one describing a cyberattack of more than 100 banks and other financial institutions in 30 countries, are considered credible by Western experts.

The fact that security software made by Kaspersky Lab is not used by many American government agencies has made it more trusted by other governments, like those of Iran and Russia, whose systems are closely watched by United States intelligence agencies. That gives Kaspersky a front-row seat to America’s digital espionage operations.

The firm’s researchers say that what makes these attacks particularly remarkable is their way of attacking the actual firmware of the computers. Only in rare cases are cybercriminals able to get into the actual guts of a machine.

In the past, security experts have warned about “the race to the bare metal” of a machine. As security around software has increased, criminals have looked for ways to infect the actual hardware of the machine. Firmware is about the closest to the bare metal you can get — a coveted position that allows the attacker not only to hide from antivirus products but also to reinfect a machine even if its hard drive is wiped.

“If the malware gets into the firmware, it is able to resurrect itself forever,” Costin Raiu, a Kaspersky threat researcher, said in the report. “It means that we are practically blind and cannot detect hard drives that have been infected with this malware.”

The possibility of such an attack is one that math researchers at the National Institute of Standards and Technology, a branch of the Commerce Department, have long cautioned about but have very rarely seen. In an interview last year, Andrew Regenscheid, a math researcher at the institute, warned that such attacks were extremely powerful. If the firmware becomes corrupted, Mr. Regenscheid said, “your computer won’t boot up and you can’t use it. You have to replace the computer to recover from that attack.”

That kind of attack also makes for a powerful encryption-cracking tool, Mr. Raiu noted, because it gives attackers the ability to capture a machine’s encryption password, store it in “an invisible area inside the computer’s hard drive” and unscramble a machine’s contents.

Kaspersky’s report also detailed the group’s efforts to map out so-called air-gapped systems that are not connected to the Internet, including Iran’s nuclear enrichment facilities, and infect them using a USB stick. To get those devices onto the machines, the report said, the attackers have in some cases intercepted them in transit.

Documents revealed by the former National Security Agency contractor Edward J. Snowden detailed the agency’s plans to leap the “air gaps” that separate computers from the outside world, including efforts to install specialized hardware on computers being shipped to a target country. That hardware can then receive low-frequency radio waves broadcast from a suitcase-size device that the N.S.A. has deployed around the world. At other times the air gaps have been leapt by having a spy physically install a USB stick to infect the adversary’s computer.

Basing its estimate on the time stamps in code, the Kaspersky presentation said the Equation Group had been infecting computers since 2001, but aggressively began ramping up their capabilities in 2008, the year that President Obama was elected, and began doubling down on digital tools to spy on adversaries of America.

While the United States has never acknowledged conducting any offensive cyberoperations, President Obama discussed the issue in general in an interview on Friday with Re/code, an online computer industry publication, describing offensive cyberweapons as being unlike traditional weapons.

“This is more like basketball than football, in the sense that there’s no clear line between offense and defense,” said Mr. Obama, himself a basketball player. “Things are going back and forth all the time.”


When did Apple become the boring one?

In less than a decade, Apple completely changed the world of personal computing, and the music industry in the process. First came the iPod and the iTunes Store; then the iPhone and App Store; and then the iPad. The Apple of the 2000s was an exciting company to follow. It’s just not that company anymore. Instead, it’s spent the past few years slowly improving its admittedly great cash cows, iterating and iterating and iterating. It’s made cheaper iPhones, bigger iPhones and even gave in and made a phablet. It’s made cheaper iPads, smaller iPads and is apparently planning a bigger iPad. It’s made cheaper MacBooks, smaller MacBooks… you get the point. Its latest project, the Apple Watch, sure looks like a smartwatch, and it might be very successful, but is it doing anything totally unique? Is it really exciting? No.

The 2000s Microsoft, on the other hand, spent its years trying to fix Vista, Internet Explorer and Windows Mobile — playing catch-up. Apart from the success of the Xbox 360, it had a pretty torrid time, even if it was never in trouble financially. But let’s briefly summarize what Microsoft, energized by the appointment of Satya Nadella as CEO almost a year ago, just showed us. An operating system that runs universal apps across PC, tablet, phone and Xbox One. Streaming games from your home console to any Windows PC or tablet. A voice assistant for your PC that seems like a prequel to Scarlett Johansson’s AI in Her. HoloLens. I mean, HoloLens! Microsoft is promising to make the distant dream of functional AR a reality very soon. It even held people’s attention while showing off a new enterprise PC.

Google, the final company in the fabled “big three,” has always been the upstart. It’s fresh, exciting and full of ideas. Some of them are good, and completely change their industry; some of them are bad, and fizzle out. But they’re always something. Project Ara’s modular smartphones are truly exciting, and progressing well; Project Loon — the idea of beaming internet down to developing or rural areas from balloons in the stratosphere — is pretty incredible; and sure, Glass might be leaving us temporarily, but with the creator of the Nest on board and Google’s massive investment in augmented reality company Magic Leap, you can be certain it’ll be back. So what about Apple?

Apple is the mid-2000s Microsoft. Its revenues are as healthy as ever, but it’s become a company that seems to make things just because it has to, that doesn’t take risks, that plays catch-up. The closest it’s come to a really exciting announcement in recent years was the launch of a niche pro desktop PC.

Microsoft just showed the world some crazy exciting stuff. Holographic computing might not be all it’s chalked up to be. HoloLens might never take off. Maybe people don’t want to talk to their computers. We’ll see. But Microsoft is trying to excite, or, to borrow an Apple buzzword, “delight” us all. If you’re a huge tech company, you should be trying to do that every day. Apple might be trying, but it’s not succeeding.


Google and SpaceX are talking about internet satellites

According to a report over at The Information, Google is about to write SpaceX, Elon Musk’s private spaceflight company, a big check the next time the latter company requests some cash. It’s still early days, but anonymous sources that are familiar with the matter believe that the quantity of cash that’ll change hands is “very large.”

If one thing is becoming clear, you see, it’s that those who control the infrastructure of the internet hold a lot of power. That’s why we’ve seen Google and Facebook developing methods to bring high-speed access to the developing world. As you may know, Project Loon envisages hoisting WiFi-beaming balloons into the sky while Facebook is researching drones that could push data across continents for very little cash.

A few days ago, however, SpaceX announced that it too would be joining the fray by launching several hundred satellites to orbit the earth. By placing the craft at a height of 750 miles, the system would, theoretically, be able to provide fiber-like speeds to every person on earth. That is, at least according to the report, where Google’s interest lies, since the search engine can leverage Musk’s spacefaring know-how and make sure it has two competing systems in the works.
