The US is engaging in “offensive cyber warfare,” Kristinn Hrafnsson, spokesman for whistleblower organization WikiLeaks, told RT, following the unmasking of a sophisticated hacking ring that has infected thousands of computers in over 30 countries.
“Who is the real criminal?” Hrafnsson asked, during a
live interview with RT. “We have been led to believe that the
real danger of cyber warfare is from China or North Korea. But I
think the real danger here is the US, the superpower. And they
can cause real havoc all over the world with their
technologies.”
READ
MORE: ‘Equation Group’ hackers attacked 30+ nations with
NSA-style tech
On Monday, Moscow-based security firm Kaspersky Labs revealed a
trove of evidence showing that sophisticated surveillance systems
had been embedded in thousands of computers belonging to
officials, scientists, businessmen and journalists in states such
as Russia, Iran and China starting from 2001, by what it called
the Equation Group.
One of the most powerful in a suite of tools used by the team was
a virus that attached itself to the in-built programming
contained on the hard disk of almost every top manufacturer. The
malware allowed the hackers to take over the computer before the
operating system even loaded up for the first time, and has
likely existed at least since 2007.
“We are not surprised. We should not be taken aback by
anything after what we have learned from Edward Snowden, but we
are surprised by the sophistication,” said the Icelandic
journalist, who has worked with Julian Assange’s WikiLeaks since
2010.
“To go to the core of the computer, which makes it almost
impossible to detect is something that we haven’t seen
before.”
Hrafnsson says the National Security Agency is likely behind the
operation, saying “there is no other agent that has the
ability and the resources to do this.”
The NSA hasn’t admitted sponsoring the Equation Group – which
appears to be lavishly resourced – but circumstantial evidence
points to US involvement. Most of the computers infected are
located in countries that enjoy a rocky relationship with
Washington, while some of the infiltration techniques bear the
hallmarks of other operations where the US has been ostensibly
involved, such as the Stuxnet virus. Two anonymous sources,
formerly with the NSA, also confirmed the existence of the
espionage capabilities described by Kaspersky to Reuters.
‘Today’s NSA top secret techniques are tomorrow’s public hacking
tools’
Acclaimed cryptologist and cyber-security expert Bruce Schneier
also believes that that the uncovered techniques could belong to
the NSA – or its British partner, GCHQ.
“It seems obvious these are NSA techniques – the codenames
are the same, they are very similar to an NSA catalogue that was
revealed by Der Spiegel in December 2013. You look at the targets
list – it’s the list of US enemies. So it seems clear that if
this is not the US, it’s the UK, but it is definitely our side
doing it.”
He says this revelations show what the criminals of tomorrow may
do.
“Right now these are NSA and other military techniques but
today’s top secret programs become tomorrow’s PhD theses, and the
next days’ hacking tools. So what we are seeing in these
military-grade malware is the preview of what criminals are going
to do in 3-5 years and what we are learning is that attack is a
lot easier that defense,” he told RT.
At the same time, Schneier believes that while government cannot
be expected not to spy at all, techniques like those exposed by
Kaspersky are better than blanket wiretapping because they are
targeted.
“They are not the NSA spying on everybody to get at one
person. They are the NSA targeting legitimate enemies. And that
is really the best we can expect the governments to do. We can’t
expect them to stop spying. We want them to target.”
Cyber-Security Firm: NSA-Linked Spyware Found in Hard Drives
Worldwide: Researchers with K… http://t.co/8CDNyY5iIX pic.twitter.com/vN83TFUEsh
— Sir_Max (@Sir_Max) February
17, 2015
Karsten Nohl, chief scientist at Security Research Labs in
Berlin, says Kaspersky specialists have provided great insights
into a complex hacking system and obviously spent a lot of time
connecting the puzzle pieces that were available to other
researchers too to paint a devastating picture of a very capable
threat actor that went unnoticed for a long time.
“From all evidence we have seen so far, the US connection
seems quite clear. Lots of evidence like text strings in these
different viruses that we have seen over a whole decade of work
can be linked to other US malware, for instance Stuxnet,”
Nohl told RT.
“And adding to that, who else would have been able to afford
such a comprehensive hacking program 13 years ago, when this
attack started? I think only the US had budgets like this back
then for major hacking of worldwide computer network.”