Kaspersky found a low infection rate in the U.S., where Equation Group targeted mainly Islamic scholars and some others that Kaspersky couldn't classify. Reuters says it has confirmed through former NSA employees that the agency is behind the group.
Conventional good security practices are the best way to deal with this threat, says Young. "In the larger picture, most enterprises reading this already have many, many unpatched vulnerabilities that they need to shield or patch before worrying about any attacks related to Equation," he says. "The clear exception are those organizations in or doing much business with countries of interest to Equation."
Those with high infection rates include Iran, Russia, Pakistan, Afghanistan, India, China, Syria and Mali.
"Sure, the ability to leverage some of these techniques covertly, consistently, and at scale is a big challenge," says Johnson. "However, the fact that zero-days exist or that code can be encrypted or that firmware can be overwritten is absolutely not new or shocking."
Corporate security pros need to accept that with enough effort and know-how, motivated attackers will succeed in breaching networks, so they need to develop plans for quickly discovering, blocking and wiping out malware activity, he says.
"And finally, never be satisfied," Johnson says. "Once you think you're entirely clean, keep looking -- assume that something is still there hiding."