By Franz-Stefan Gady
A report by a Russian cybersecurity firm lays bare the activities of a highly sophisticated cyber attack group.
A new report [PDF] by the Moscow-based cybersecurity firm Kaspersky Lab revealed sophisticated cyber attacks by state-sponsored hackers, labelled the Equation Group. “The Equation group is probably one of the most sophisticated cyber attack groups in the world; and they are the most advanced threat actor we have seen,” states the paper, presented at conference in Mexico this Monday.
Kaspersky Lab has a policy not to name the countries thought to be behind hacking attacks, but other reports alleged the Equation Group is connected to U.S. intelligence agencies. Reuters reports that two former National Security Agency (NSA) employees confirmed the validity of the analysis and said that operatives within the NSA “valued these spying programs as highly as Stuxnet.” The National Security Agency is the U.S. government’s lead agency in conducting sophisticated cyber espionage abroad. The report also states that, that “the Equation group and the Stuxnet developers are either the same or working closely together.” Various security experts have traced back the Stuxnet attacks to the U.S. and Israeli governments.
The report traces attacks from this “highly sophisticated threat actor” as far back as 2001, and possibly even 1996. A total of 30 countries have been and continue to be affected by these spying programs with the highest infection rates in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen, and Algeria. Targets in these countries include government institutions, nuclear research facilities, the military, and telecommunication companies.
Read the full story at The Diplomat