Earlier this month, researchers at the Kaspersky Lab in Russia discovered an incredibly sophisticated cyber espionage operation. This operation has been dubbed the “Equation Group” and has been using malware tools and spyware to infect a number of computers. The Equation Group seems to have a very specific end in mind though as they have mostly attacked the computers of government institutions, research groups, telecommunications companies, and other organizations such as nuclear research groups, and military groups in more than 30 countries with at least 500 victims that have been noted. Some of the countries that have been attacked include Russia, India, Afghanistan, and China. While the Equation Group seems to have no quarrel with everyday citizens, this is still something that everyone should be concerned about.
As security expert Bruce Schneier says, “technology democratizes.” This means that while the extremely sophisticated malware is, for now, being used to attack governments, the same technology can trickle down so that other hackers without such lofty plans can possess this knowledge. What makes this technology so dangerous is that it is nearly impossible to detect and even more difficult to completely destroy. Even wiping the hard drive and overwriting the system does not completely destroy the malware. The technology uses at least six malware platforms, which means only the highest skilled cyber security expert can detect it. Researchers at the Kaspersky Lab reported that it took them two weeks to even crack just one cryptographic element and they were trying more than 300 billion guesses per second. In the end, the best way to get rid of the malware at this point in time is to physically destroy the hard drive. While this is not ideal, it is so far the only proven way to completely destroy the malware. If there is a good side to this, it is that the leak is now out in the open and it is now up to antivirus companies to figure out how to keep your data secure.