US telecommunication technology means spyware

La Alborada – Feb 18

EDITORIAL

One of President Obama’s proposals to Cuba (exceptions to the continuing legislative blockade) is to permit US-based telecommunication companies to sell equipment as well as services to Cuba. Cuba could certainly use cutting-edge technology, especially if affordable. It would also find the offer problematic.

Expanding telecommunications between the two countries is not a new idea. It began with the 1996 Helms-Burton act, which contemplated a greater US penetration of Cuban society through means that, especially in the depths of the Special Period, were expected to be essentially one-way; up to that time, Cuba had been allowed little presence on the Internet. It is no surprise that among the most insistent demands of the US has been that Cuba make the Internet available to everyone, even if it lacks the money to pay for the effort and even as the blockade made it illegal for Cuba to buy US hardware and software prior to the new trade rules.

The Helms-Burton legislation came long before Edward Snowden revealed to the world the depth and scope of cyber-spying by US agencies. The original information from Snowden kept growing, leading to Congressional hearings. We noted a while back that connecting Cuba’s Intranet to US operators would be like providing a direct connection of Cuba’s bandwidth to the NSA and associated spy agencies. This week, the Russian company Kaspersky made known new information that made everything that came after Snowden’s first disclosures look simple.

In Reuters’ summary:

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

The technology makes it possible for the US to hide spy code in the firmware: the very first instructions that run when a computer boots, even before the OS loads. The spyware is directed especially at target countries and at sectors within those countries.

PC Magazine provided further details:

According to Kaspersky Lab, the “Equation group”—named for its penchant for encryption algorithms—has targeted more than 30 countries, including Iran, Russia, Pakistan, Afghanistan, India, and China, with a focus on those in government, nuclear research, military, and nanotechnology, as well as companies developing cryptographic technologies, among others.

Kaspersky said the Equation group has a “powerful arsenal” of Trojans with names like EquationLaser, EquationDrug, DoubleFantasy, TripleFantasy, Fanny, and GrayFish.

Equation group malware can reprogram hard drive firmware, and has been found on devices from Seagate, Western Digital, and Samsung. The exploit is undetectable and cannot be removed.

Infections have been carried out via physical interceptions, like infected USB drives and CD-ROMs. “One such example involved targeting participants at a scientific conference in Houston: upon returning home, some of the participants received a copy of the conference materials on a CD-ROM, which was then used to install the group’s DoubleFantasy implant into the target’s machine,” Kaspersky said.

A chart from Reuters shows that besides the countries mentioned with a high infection rate, a second tier of medium infection rate included Mexico, several North African countries, and the UK. Then, a third tier of low infection rate included Brazil, Venezuela, Peru, Ecuador, France, Germany, South Africa, Kazakhstan, and even the US itself.

PC Mag concludes with this observation: “Kaspersky counted more than 500 victims worldwide; the system’s self-destruct mechanism, however, means there have likely been tens of thousands of infections.”

Panama’s La Prensa reported, citing information from Kaspersky, that the country hosted a command and control center of the Equation Group, mentioning as targets, besides those listed above, Belgium, Switzerland, Syria, Somalia, Hong Kong, Libya, Italy, Costa Rica, Malaysia, Colombia, Czech Republic, and United Arab Emirates.

Given this, can there be any doubt that US spyware would be packaged surreptitiously into every possible item of information technology sent to Cuba by the US or its surrogates? Cuba’s experts will have to decide whether to accept a cybernetic Trojan Horse; one that in this case would be carrying not soldiers, but a truly unfriendly set of Trojan viruses.