Malware has supposedly been embedded to networks that are found internationally from the United States via NSA, named as the “Equation Group” – according to new revelations at the annual Kaspersky Security Analyst Summit held in Mexico.
In Mexico the annual Kaspersky Security Analyst Summit (SAS) is held these days and there has been a hot revelation published by a Russian cyber security firm that is certain to be discussed greatly. In their first report, the cyber analysts have claimed that the “Equation Group” had been working underground and had been collecting sensitive data from networks universally.
To be more specific, the countries that had been targeted by this group (which refers directly to the NSA) include Russia and China, Pakistan and Iran. More details are supposed to be published again in the near future by the very same cyber analysts, so a lot more remains to be unraveled.
A tweet that is worth highlighting on this matter goes as follows: The #EquationAPT group is probably one of the most sophisticated cyber attack groups in the world #TheSAS2015, while another tweet indicates the following: Two #0day exploits were used by the #EquationAPT group before they were integrated into #Stuxnet. There are ongoing updates on Twitter as to the revelations and all the other breaking news that are published and discussed in the Summit in Mexico.
The Equation Group has been linked to a great many different incidents of surveillance, including among others military and aerospace, nanotechnology and mass media, transportation and nuclear research. Another thing that should be pointed out regarding the tactics used by the group is the fact that there is striking resemblance with Stuxnet, the famous computer worm that was revealed back in 2010. This worm had been designed in the direction of completing cyber attacks and thus harming online enemies.
Although there is no solid evidence as to the NSA being behind the Equation Group, there are details that confirm such a relationship (in fact, the two being the same thing). To be more specific, a specific keyword (GROK) that was found in a keylogger component had also been included in a document leaking the NSA’s spying tools. There are additional links to the NSA, but the evidence is not crystal clear to this date.
Costin Raiu, head of Kaspersky’s Global Research and Analysis Team, expressed his opinion on the matter and on the severity of the consequences deriving from surveillance tools: “As we uncover more of these cyber espionage operations we realize how little we understand about the true capabilities of these threat actors.” It is true that the depth and gravity of such tools targeting other networks internationally raises concerns as to the extent to which someone (let’s say the United States) can collect critical data, harm intelligence, grab hold of classified documents or initiate cyber attacks.
Top/Featured Image: By Wersję rastrową [GFDL, CC-BY-SA-3.0 via Wikipedia]