Monthly Archives: February 2015

Game Film: NSA Gorfam 250 #39; 1-Pitch Softball Tournament
Game film from the NSA Gorfam 250 1-Pitch tournament at Indian Springs Softball Complex in Broken Arrow, OK. Brought to you by RedDirtSoftball.com. Like us at facebook.com/reddirtsoftball...

By: RedDirtSoftball

Read the rest here:
Game Film: NSA Gorfam 250' 1-Pitch Softball Tournament - Video

Ex-NSA chief linked to alleged coup plot
Sen. Antonio Trillanes involves former National Security Adviser (NSA) Norberto Gonzales in the coup attempt against President Aquino. Subscribe to ABS-CBN News channel!

By: ABS-CBN News

See more here:
Ex-NSA chief linked to alleged coup plot - Video

Kaspersky Lab uncovers online spy tools with potential NSA connections
The Moscow-based Kaspersky Lab has discovered new methods allegedly used by a group known as the #39;Equation Group #39;, potentially linked to America #39;s National Security Agency, to establish...

By: Cnn News Rt

See original here:
Kaspersky Lab uncovers online spy tools with potential NSA connections - Video

NSA Hacks Hard Drives - Daily Security Byte EP.25
In this short, daily video post, Corey Nachreiner, CISSP and Director of Security Strategy for WatchGuard Technologies, shares the biggest InfoSec story from the day -- often sharing useful...

By: Corey Nachreiner

Originally posted here:
NSA Hacks Hard Drives - Daily Security Byte EP.25 - Video

Aurich Lawson

CANCUN, Mexico In 2009, one or more prestigious researchers received a CD by mail that contained pictures and other materials from a recent scientific conference they attended in Houston. The scientists didn't know it then, but the disc also delivered a malicious payload developed by a highly advanced hacking operation that had been active since at least 2001. The CD, it seems, was tampered with on its way through the mail.

It wasn't the first time the operatorsdubbed the "Equation Group" by researchers from Moscow-based Kaspersky Labhad secretly intercepted a package in transit, booby-trapped its contents, and sent it to its intended destination. In 2002 or 2003, Equation Group members did something similar with an Oracle database installation CD in order to infect a different target with malware from the group's extensive library. (Kaspersky settled on the name Equation Group because of members' strong affinity for encryption algorithms, advanced obfuscation methods, and sophisticated techniques.)

Kaspersky researchers have documented 500 infections by Equation Group inat least 42 countries, with Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali topping the list. Because of a self-destruct mechanism built into the malware, the researchers suspect that this is just a tiny percentage of the total; the actual number of victims likely reaches into the tens of thousands.

A long list of almost superhuman technical feats illustrateEquation Group's extraordinary skill, painstaking work, and unlimited resources. Theyinclude:

Taken together, the accomplishments led Kaspersky researchers to conclude that Equation Group is probably the most sophisticated computer attack group in the world, with technical skill and resources that rival the groups that developed Stuxnet and theFlame espionage malware.

"It seems to me Equation Group are the ones with the coolest toys," Costin Raiu, director of Kaspersky Lab's global research and analysis team, told Ars. "Every now and then they share them with the Stuxnet group and the Flame group, but they are originally available only to the Equation Group people. Equation Group are definitely the masters, and they are giving the others, maybe, bread crumbs. From time to time they are giving them some goodies to integrate into Stuxnet and Flame."

In an exhaustive report published Monday at the Kaspersky Security Analyst Summit here, researchers stopped short of saying Equation Group was the handiwork of the NSAbut they provided detailed evidence that strongly implicates the US spy agency.

First is the group's known aptitude for conducting interdictions, such as installing covert implant firmware in a Cisco Systems router as it moved through the mail.

Second, a highly advanced keylogger in the Equation Group library refers to itself as "Grok" in its source code. The reference seems eerily similar to a line published last March in an Intercept article headlined "How the NSA Plans to Infect 'Millions' of Computers with Malware." The article, which was based on Snowden-leaked documents, discussed an NSA-developed keylogger called Grok.

Read the original:
How omnipotent hackers tied to NSA hid for 14 years ...

The U.S. intelligence community has found ways to avoid even the strongest of security measures and practices, a new report from Moscow-based Kaspersky Lab suggests, demonstrating a range of technological accomplishments that place the nation's hackers as among the most sophisticated and well resourced in the world.

Hackers who are part of what the cybersecurity researchers call "Equation Group" have been operating under the radar for at least 14years, deploying a range of malware that could infect hard drives in a wayalmost impossible to remove and cold hide code in USB storage devicesto infiltratenetworks kept separate from the Internet for security purposes.

Kaspersky's report did not say the U.S. government wasbehind the group. But it did say the group was closely linked to Stuxnet -- malware widely reported to have been developed by the National Security Agency and Israel that was used in an attack against Iran's uranium enrichment program -- along with other bits of data that appear to align with previous disclosures. Reuters further linked the NSA to the Kaspersky report, citing anonymous former employees of the agency who confirmed Kaspersky's analysis.

NSA spokesperson Vanee Vines said in a statement that the agency was aware of the report, but would not comment publicly on any allegations it raises.

The Kaspersky report shows a highly sophisticated adversarythat has found ways to worm itself into computers with even the strongest of security measures in place. This matches up with what we know about other NSA efforts from documents leaked by former NSA contractor Edward Snowden, which showed efforts to undermine encryption and evade the protections major tech companies used to guard user data.

But the new report paints a more detailed picture of the breadth of the agency's reported offensive cyber arsenal. And unlike other recent revelations about U.S. government snooping, which have largely come from Snowden, the insights from Kaspersky came from examining attacks found in the digital wild. Victims were observed in more than 30 countries, withIran, Russia, Pakistan and Afghanistan having among the highest infection rates, according to the report.

One of the most sophisticatedattacks launched by theEquation Group lodged malware deep into hard drives, according to Kaspersky. It worked by reprogramming the proprietary code, called firmware, built into the hard drives themselves. That allowed for persistent storage hidden inside a target system that could survive the hard drive being reformatted or an operating system being reinstalled, the report says.

The code uncovered by Kaspersky suggests the malware was designed to work ondisk drives of more than a dozen major manufacturers -- including those from Seagate, Western Digital, Toshiba, IBM and Samsung. But the report also notes that this particular technique seemed to be rarely deployed, suggesting that it was used only on the most valuable victims or in unusual circumstances.

The Kaspersky report also said the group found ways to hide malicious files within aWindows operating system database on the targets' computer known as the registry -- encrypting and stashing the files so that they would be impossible to detect using antivirus software.

Equation Group also found ways to infiltratesystemsthat were kept off the Internet for security purposes -- commonly known as "air-gapped" networks. Malware used by the hackers relied on infected USB sticks to map out such networks -- or even remotely deploy code on them, according to the report.

Originally posted here:
The NSA has reportedly found ways to avoid even the strongest security measures

The NSA may be implanting spying software in hard drives from a dozen major manufacturers including Toshiba, Western Digital, IBM, Samsung and Seagate, a report from cybersecurity firm Kaspersky Lab revealed Monday.

Though Kaspersky did not come out and point the finger directly at the National Security Agency -- instead calling out the Equation group, who have been perpetrating high-level attacks for almost 20 years -- but they said that there are "solid links indicating that the Equation group has interacted with" the actors behind Stuxnet, a virus the NSA used to attack Iranian nuclear weapons development in 2012.

A former NSA employee told Reuters that Kaspersky's analysis was correct, and "another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives."

The Kaspersky paper calls the software "perhaps the most powerful tool" in the Equation group's impressive arsenal, and "the first known malware capable of infecting the hard drives." It reprograms the drives and creates a hidden space where it can save stolen information to be retrieved later.

As CNET's Bridget Carey told CBS News, getting that deep into a piece of firmware (the core software of the drives), is very hard to do and requires the source code from the manufacturer.

One of the companies whose hard drives were infected with the spyware, Western Digital, said that it did not give its source code to the government. "But other sources in cybersecurity say that the government can get this because all it takes is for you to sell a computer to the Pentagon or another agency and they have to say, 'You know what, for security reasons we need that source code,'" Carey explained.

In other words, the government may have only had to ask for what it wanted in order to send spying-capable hard drives all over the world.

2015 CBS Interactive Inc. All Rights Reserved.

See the original post:
Is the NSA putting spyware in hard drives?