Submission + - NSA linked to hard drive firmware hacking across 12 major manufacturers (thestack.com)
An anonymous reader writes: Russian security researchers have published a report [http://www.kaspersky.com/about/news/virus/2015/equation-group-the-crown-creator-of-cyber-espionage] detailing the insertion of data-stealing software into the firmware of hard drives from over a dozen major manufacturers. The report, from Kaspersky Labs, connects the organisation behind it — which it has dubbed 'The equation Group' — with the National Security Agency, due to common variants in the hard drive malware and Stuxnet, the NSA-driven cyberattack initiative which was used to attack a uranium refinement facility in Iran. The 'Fanny worm' propagated by the firmware hack is used to breach air-gapped networks via infected USB sticks, relaying retrieved information back to command-and-control centers. Reuters claims to have had the allegations confirmed by two ex-NSA employees.
