Wednesday, January 1, 2014

NSA and ANTs In Your...

...pretty much everything. The NSA has invaded pretty much everything digital, from your computer's BIOS to its hard drives to routers:
The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on.

This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this "Persistence" and believe this approach has provided them with the possibility of permanent access.

Another program attacks the firmware in hard drives manufactured by Western Digital, Seagate, Maxtor and Samsung, all of which, with the exception of the latter, are American companies. Here, too, it appears the US intelligence agency is compromising the technology and products of American companies.

Other ANT programs target Internet routers meant for professional use or hardware firewalls intended to protect company networks from online attacks. Many digital attack weapons are "remotely installable" -- in other words, over the Internet. Others require a direct attack on an end-user device -- an "interdiction," as it is known in NSA jargon -- in order to install malware or bugging equipment.
The very first website I ever designed had a backdoor placed in it for my own amusement. Back then it was known that Al Qaeda was using such devices to communicate, and it was incredibly simple to do - just create a page with no apparent link and a complex name.

Getting embedded into a target BIOS is a different level of digital burglary, and I think would be hard to detect without some external engineering tools (I could be wrong).
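The "Persistence" property described in the excerpt above, firmware that outlives a wipe of the hard drive, is exactly what a measured-boot baseline is meant to surface: reinstalling the OS changes the boot-loader and kernel measurements, but the firmware measurement should stay put. The following Python is an added example, not code from the original post or from any of the reporting it quotes. It compares TPM PCR values against a known-good baseline and separates the registers that legitimately change on an OS reinstall from the firmware registers that should not. PCR roles follow the TCG PC Client conventions as used by Linux tooling, the dump layout mimics the `N : 0xHEX` lines that `tpm2_pcrread` prints, and every digest value is a constructed placeholder.

```python
"""Compare TPM PCR values against a known-good baseline to tell an OS
reinstall apart from a firmware-level change that a disk wipe cannot explain.

Added example; PCR roles follow TCG PC Client conventions, and all digest
values are constructed placeholders derived from labels.
"""
import hashlib
import re

# Boot stage measured by each PCR (TCG PC Client conventions, Linux naming).
PCR_MEANING = {
    0: "firmware code (BIOS/UEFI)",
    1: "firmware configuration",
    2: "option ROMs (add-in card firmware)",
    4: "boot manager / boot loader",
    7: "Secure Boot policy",
    8: "boot loader configuration (kernel command line)",
    9: "kernel and initrd images",
}
# PCRs that legitimately change when the disk is wiped and an OS reinstalled.
EXPECTED_AFTER_REINSTALL = {4, 8, 9}
# PCRs whose change means the platform firmware itself is different.
FIRMWARE_PCRS = {0, 1, 2}

PCR_LINE = re.compile(r"^\s*(\d+)\s*:\s*0x([0-9A-Fa-f]+)\s*$")


def _fake_digest(label):
    """Constructed placeholder digest so the sample dumps are clearly synthetic."""
    return hashlib.sha256(label.encode()).hexdigest()


def _dump(stage_labels):
    """Render a PCR bank in the 'N : 0xHEX' layout tpm2_pcrread prints."""
    lines = ["sha256:"]
    for pcr, label in sorted(stage_labels.items()):
        lines.append(f"  {pcr:<2}: 0x{_fake_digest(label).upper()}")
    return "\n".join(lines)


# Constructed scenarios: a clean machine, the same machine after a disk wipe
# and OS reinstall, and one where the firmware measurement itself moved.
GOOD = {0: "bios-v1", 1: "cfg-v1", 2: "oprom-v1", 4: "grub-v1",
        7: "sb-on", 8: "cmdline-v1", 9: "kernel-v1"}
REINSTALLED = {**GOOD, 4: "grub-v2", 8: "cmdline-v2", 9: "kernel-v2"}
TAMPERED = {**REINSTALLED, 0: "bios-modified"}

BASELINE_DUMP = _dump(GOOD)
REINSTALLED_DUMP = _dump(REINSTALLED)
TAMPERED_DUMP = _dump(TAMPERED)


def parse_pcr_dump(text):
    """Return {pcr_index: hex_digest} from a 'N : 0xHEX' style bank dump."""
    pcrs = {}
    for line in text.splitlines():
        m = PCR_LINE.match(line)
        if m:
            pcrs[int(m.group(1))] = m.group(2).lower()
    return pcrs


def assess(baseline, current):
    """List (pcr, verdict, meaning) for every PCR that differs from baseline."""
    findings = []
    for pcr in sorted(baseline):
        if current.get(pcr) == baseline[pcr]:
            continue
        if pcr in FIRMWARE_PCRS:
            verdict = "INVESTIGATE: firmware-level change"
        elif pcr in EXPECTED_AFTER_REINSTALL:
            verdict = "expected after OS reinstall"
        else:
            verdict = "INVESTIGATE: unexpected change"
        findings.append((pcr, verdict, PCR_MEANING.get(pcr, "unknown")))
    return findings


def firmware_level_change(baseline, current):
    """True if a firmware PCR moved, i.e. a change a disk wipe cannot explain."""
    return any(pcr in FIRMWARE_PCRS for pcr, _, _ in assess(baseline, current))


if __name__ == "__main__":
    base = parse_pcr_dump(BASELINE_DUMP)
    for name, dump in (("reinstalled", REINSTALLED_DUMP), ("tampered", TAMPERED_DUMP)):
        print(f"== {name} ==")
        for pcr, verdict, meaning in assess(base, parse_pcr_dump(dump)):
            print(f"PCR{pcr:<2} {verdict:<36} [{meaning}]")
```

Run as-is, the reinstalled case reports only PCR4, 8 and 9, while the tampered case flags PCR0. The caveat the post's author hints at applies: these measurements are only as trustworthy as the root of trust that records them, so firmware that also controls the measurement path can report an unchanged PCR0, which is why dumping the flash chip with an external programmer remains the stronger check.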

6 comments:

Robert Coble said...

Each advance in technological flexibility (for example, the ability to upgrade the BIOS through "flashing") enables another generation of potential hacks. A totally secure system which is interconnected to other systems is a contradiction in terms. The only totally secure system is one that is not only NOT connected to any other system; it also is shielded from any and all electromagnetic emanations. I have worked on military simulator systems which meet those criteria. There are also severe restrictions on physical access to the building housing the systems. Yet, in spite of this very high level of security, there is always the potential for security breaches - because PEOPLE are the biggest potential threat to security, through intention or through carelessness.

While in the US Air Force (many moons ago), I worked in a building that housed various simulators for the B-52. One of them was a secure facility, requiring a SECRET level clearance AND a defined "need to know." In spite of those restrictions, I was able to walk into the facility unchecked (and unauthorized) because I knew the Major who was in charge of the section. When I saw classified SECRET documents lying open on a work table, I turned and high-tailed it out of the facility. A short time later, the Major was dismissed from service for security breaches in his branch. (No, I didn't turn him in, but I did explain to him that I was NOT cleared to be in his section, and wouldn't be back in his section.)

Michael said...

Even if the NSA really do have that level of access, wouldn't anyone who knows how to monitor all data traffic from their computer or device be able to spot what's happening as it occurs? Something doesn't add up; their reported capabilities are too good to be true.

Something tells me this might be a bogus report intentionally leaked in order to make people feel paranoid and insecure. Maybe they even knew what Snowden was doing and set him up with fake documents. Who can say for sure?

Stan said...

Hmm. Do you know how to detect and decode all the packets being transferred across your wifi? I sure don't. IIRC there are at least seven levels of protocol which must be applied to get from machine language to internet packets (from the very dark recesses of my memory). Surely someone can do it, but not the average guy.

Michael said...

The average person wouldn't know how but there are people who definitely do. There was a guy who bought a smart TV and it turns out that the manufacturer was siphoning personal data after he turned off the appropriate setting from the TV's options menu. He found out precisely what they were remotely accessing by monitoring its online connection.

Stan said...

Michael,
Any details on how this guy did the monitoring?

When I got my laptop two years ago, Microsoft would frequently seize control, nuke my work, download their updates, reboot the computer, all with no recourse from me. Sometimes they would give me a warning and a few minutes to save work, sometimes not. It was infuriating.

Then they seem to have stopped doing that.

Michael said...

First article that popped up about it.

https://www.informationweek.com/security/compliance/lg-admits-smart-tvs-spied-on-users/d/d-id/1112755

Search 'LG smart TV spied on users' or something to that effect.
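The monitoring Michael describes and Stan asks about comes down to watching a device's outbound connections from a vantage point it cannot hide from, typically the home router or a mirror port, and then asking which destinations are not accounted for. The Python below is an added example, not code from the original post, the commenters, or the article linked above. It reads constructed connection-log lines in a simple `timestamp src dst_host:port bytes_out` layout (the format is an assumption, chosen to stand in for whatever a router or capture tool is configured to emit), summarises egress per destination, flags hosts outside an allowlist of expected services, and checks whether the flagged host is contacted at a fixed interval, the regular call-home pattern that distinguishes reporting traffic from on-demand use.

```python
"""Summarise a device's outbound connections and flag unexpected, regularly
timed destinations.

Added example; the log layout and all sample lines are constructed.
"""
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample: one device (192.168.1.42) seen from the router.
SAMPLE_LOG = """\
2014-01-01T20:00:01 192.168.1.42 update.vendor.example:443 1240
2014-01-01T20:00:03 192.168.1.42 content.streaming.example:443 88210
2014-01-01T20:01:00 192.168.1.42 telemetry.vendor.example:80 3120
2014-01-01T20:02:00 192.168.1.42 telemetry.vendor.example:80 2980
2014-01-01T20:03:00 192.168.1.42 telemetry.vendor.example:80 3055
2014-01-01T20:04:00 192.168.1.42 telemetry.vendor.example:80 3100
2014-01-01T20:05:00 192.168.1.42 telemetry.vendor.example:80 3010
"""

# Destinations the owner expects the device to talk to (constructed).
EXPECTED = {"update.vendor.example", "content.streaming.example"}


def parse_line(line):
    """Split 'ts src host:port bytes' into typed fields."""
    ts, src, dst, nbytes = line.split()
    host, port = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), src, host, int(port), int(nbytes)


def summarize(log_text):
    """Aggregate connection count, bytes, ports and timestamps per destination host."""
    out = defaultdict(lambda: {"count": 0, "bytes": 0, "ports": set(), "times": []})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, _src, host, port, nbytes = parse_line(line)
        rec = out[host]
        rec["count"] += 1
        rec["bytes"] += nbytes
        rec["ports"].add(port)
        rec["times"].append(ts)
    return dict(out)


def regular_interval(times, tolerance=0.1):
    """Return the interval in seconds if connections recur at a steady period,
    else None. Needs at least three observations to say anything."""
    if len(times) < 3:
        return None
    ts = sorted(times)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    med = statistics.median(gaps)
    if med <= 0:
        return None
    if all(abs(g - med) <= tolerance * med for g in gaps):
        return med
    return None


def unexpected_destinations(summary, expected):
    """Hosts contacted that are not on the owner's allowlist."""
    return sorted(h for h in summary if h not in expected)


def report(log_text, expected):
    """One row per unexpected destination, with volume and call-home period."""
    summary = summarize(log_text)
    rows = []
    for host in unexpected_destinations(summary, expected):
        rec = summary[host]
        rows.append({
            "host": host,
            "count": rec["count"],
            "bytes": rec["bytes"],
            "ports": sorted(rec["ports"]),
            "interval_s": regular_interval(rec["times"]),
        })
    return rows


if __name__ == "__main__":
    for row in report(SAMPLE_LOG, EXPECTED):
        period = f"every {row['interval_s']:.0f}s" if row["interval_s"] else "irregular"
        print(f"{row['host']}: {row['count']} connections, {row['bytes']} bytes, "
              f"ports {row['ports']}, {period}")
```

The interesting output is not the flagged hostname by itself but the combination: an unlisted destination, a steady byte volume, and a fixed period are what make a reporting channel stand out from ordinary use. What is inside those connections is a separate question, and with TLS the router view shows the destination and volume but not the content.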