Did the US create spyware capable of spying on every computer?

19/02/15

Has the National Security Agency installed spyware on the hard drives of thousands of computers used by foreign governments, banks and other sensitive targets? The latest report from Kaspersky Lab, a Russian company specializing in computer security, is interesting.

The researchers identified a new family of malicious programs or worms that infected computers in several countries, especially abroad.

The targets appear to have been specifically selected and include the military, Islamic activists, energy companies and other businesses, as well as government personnel.

The report never mentions the United States, but the study highlights elements in common with the "Stuxnet" worm, developed by the US and Israel to destroy Iran's nuclear facilities.

According to the Kaspersky report, the similarities of the two programs suggest "the narrow creator".

The malware was not designed for profit but to gather information through cyberspace, Kaspersky writes, and it is undoubtedly expensive and extremely sophisticated.

The NSA has not commented on the report, limiting itself to a terse note: "According to the powers conferred by the President of the United States, we carry out operations abroad to prevent terrorist attacks and other threats, respecting the privacy of Americans".

The Kaspersky researchers found that some of the spyware was designed to be installed in the firmware, the essential software that is pre-loaded on a computer's hard drive. Once installed, it is hard to detect, impossible to remove, and could access vital codes saved by the user, such as the keys used to decrypt encrypted files.

Compromising firmware is a difficult technical challenge that requires knowledge of the manufacturer's source code, usually a closely guarded secret.

The report cites several hard drive manufacturers whose products have been compromised: Seagate Technology, Western Digital Corp., Toshiba and IBM Corp. For at least three of the companies, the report came as news. "We have never discovered violations in our units," Seagate Technology reiterated. "Our company is committed to safety and to all measures to prevent tampering or 'reverse engineering' of our products."

Toshiba declined to comment. The report highlights that the malware does not need access to the internet and that it can spread across "air gaps", i.e. even to machines disconnected from the network. Air-gapping is a security practice used in nuclear plants.

Kaspersky discovered malware-infected computers in more than 30 countries, with the heaviest concentrations in Iran, Russia, Pakistan, Afghanistan and China. There were few targets, however, in the United States and Great Britain.

"I am a TAO agent"

A super-secret unit made up of agents able to hack every existing system, with equipment that would make James Bond shudder.

The division of the NSA (the National Security Agency) known as "TAO", Tailored Access Operations, is an elite team of hackers specialized in stealing data from the most heavily protected targets in the world.

The TAO team's mission, as well as its motto, is "Get the unattainable".

According to some US intelligence officials, TAO agents have collected "some of the most significant security secrets of our country".

Between 2005 and 2009, the special unit managed to gain access to 258 targets in 89 countries. In 2010, TAO conducted 279 operations worldwide.

TAO agents have a series of high-tech gadgets available for cases that are particularly difficult to crack, including monitor cables specially modified to record what is being typed on the screen and USB sticks secretly equipped with radio transmitters to send stolen data remotely.

Some of the attacks take advantage of weaknesses in the internet architecture to install specific spyware on computers. Others take advantage of the hardware or software weaknesses of components distributed by some of the world's leading IT companies, including Cisco Systems, Inc. and China's Huawei Technologies Ltd.

The NSA also intervened in other cases, through FBI and CIA agents. A brand new computer, for example, may already have been intercepted in transit and "treated" before even reaching the owner. Intercepting IT equipment has become the primary mission of the NSA.

But that is not all. TAO agents are also said to be able to access a computer thanks to Microsoft's crash reports, the kind of dialog that opens when a game freezes or a Word document stops responding. The reporting system is intended to help Microsoft engineers improve their products and fix bugs, but the NSA is said to be able to sift through the reports to penetrate computers running Windows.

Franco Iacch