
Hard drives beware, the NSA is coming for you

A new report from the threat research team at Kaspersky Lab has revealed the existence of a highly advanced set of trojans developed in concert by the NSA and its partners, capable of breaking into any hard drive and going undetected for years on end.

The effort, launched on behalf of what Kaspersky is calling the “Equation Group,” was a specialized operation designed to implement surveillance on some of the NSA’s highest-profile targets. Unlike the blanket collection methods we saw with the taps of Google’s fiber optic lines or phone call record archives, the NSA kept the secrets of its hard drive intrusion comparatively close to its chest, only bringing out the big guns when it was an absolute necessity.

Kaspersky believes this is due to the highly advanced nature of the code that was used to infiltrate the drives, which could have cost upwards of several million dollars to construct, implement, and maintain over the past decade. The agency wasn’t willing to risk having that technology fall into the wrong hands through overuse, and as far as the Russian threat research group could find, the only targets it’s been used on are computers within specific IP ranges, most of them in the Middle East.

The code was capable of infiltrating drives from many of the largest providers including Seagate, Western Digital, and Toshiba, rewriting the firmware on each, and making itself resilient to any method of removal including flash wipes.

This is a capability that only a nation-state could cook up, and anonymous sources still working within the agency have been able to confirm the existence of the program used to develop it. Kaspersky’s findings suggest the group behind the exploit has been active for at least 15 years, and the hard-drive infecting malware, called GrayFish by Kaspersky, has been around since 2008.

The news comes just a day after the Lab unveiled details of one of the largest banking trojan operations in history, which yielded the hackers behind the scam upwards of one billion dollars, collected over a span of just under two years.

None of the manufacturers of the drives in question claim to have known about the defects in their devices, and state they have never worked or collaborated with the NSA to install secret backdoors in their hardware.

Chris Stobing
Former Digital Trends Contributor