Kenya among countries allegedly compromised by NSA’s spyware

No photo availableCIO Africa authorByBaraka Jefwa
3 min read

Kenya has been named as one of several countries which the United States National Security Agency (NSA) has compromised by…

nsa_article_full

Kenya has been named as one of several countries which the United States National Security Agency (NSA) has compromised by installing spyware in devices bought by them.

According to an article by the Inquisitr, the spyware is placed in deep lying areas of the devices thus making them hard to remove.

Kenya makes it to the list of compromised countries together with two other African countries, Algeria and Egypt.

“The United States National Security Agency (NSA) embedded sophisticated spyware deep in the firmware of hard drives manufactured by top manufacturers as part of an international spying campaign which has infected thousands of computers across more than 30 countries, according to an analysis by researchers at Russian-based cybersecurity firm Kaspersky Lab,” states the article.

“There were over 500 infections across 42 countries documented in total by the Internet security firm,” it further adds. “The country with the highest recorded incidence of cyber-attack by equation hackers is Iran, according to Kaspersky’s analysis. Next in line was Russia, followed by Pakistan, Afghanistan, India, China, Syria, and then Mali. Lower levels of infections were discovered across the United Kingdom, Mexico, Lebanon, Yemen, United Arab Emirates, Kenya, Algeria, Qatar, and Egypt.”

The analysis was confirmed to Reuters by a former NSA employee who noted that the U.S. intelligence agency values this spying program, which is part of a broader campaign.

The NSA’s spokeswoman, Vanee Vines, declined to comment publicly on the matter, but she did indicate that the agency was aware of the Kaspersky report.

Analysis by the antivirus company referenced the unknown hackers as the “equation group” for their love of encryption algorithms, obfuscation, and the sophistication exhibited throughout their hacking tools. The company’s research paper (PDF) called the group “one of the most sophisticated” and “advanced” group of hackers they’ve ever seen in the entire world.

“The equation group is probably one of the most sophisticated cyber attack groups in the world; and they are the most advanced threat actor we have seen.”

Kaspersky’s report show that the spyware had been found deep within the hard-drives of more than a dozen top manufacturers, which included; Western Digital, Toshiba, Seagate, Samsung, Maxtor, and IBM, among others.

The hard-drive infecting malware is known only as nls_933w.dll. The virus is impossible to remove, as it persists through machine wipes to re-infect the targeted systems.

Reports suggest Equation had access to the hard drive firmware’s source code, but at least one manufacturer of infected hardware, Western Digital, claims it had no prior knowledge of the alleged NSA spy program which infiltrated its hardware in order to spy on foreign entities.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co