Meet The Cyberweapon You Can’t Get Rid Of Without Smashing Your Hard Drive
There’s a shadow war unfolding on the internet, as various groups jostle for control and develop new, refined software to steal data and damage systems. If you think it’s just a matter of running antivirus software, let’s meet the Equation Group, a cabal of cyberspies with software so advanced, the only way to get rid of it is to use a hammer on your hard drive.

The Escapist has a rather detailed look at this particular group, including their malware, which infects the firmware of your hard drive. For those unfamiliar, firmware is the persistent code stored on the device itself, separate from the operating system. It allows your hard drive to boot up and operate, and you can’t edit it yourself without some incredibly complex software and hardware tools. Basically, the only way to get the Equation Group out of your computer once it’s all up in there is to smash it and get a new one.

The good news is that the Equation Group is not a bunch of teenage vandals. They have very specific targets and are even polite enough to have their malware self-destruct. The bad news is that they’re almost certainly state-sponsored, largely targeting citizens of countries like Iran, Russia, Pakistan, Afghanistan, India, China, Syria, and Mali. This is a bit like having a CIA squad running around planting bombs on various key infrastructure points in a supposedly friendly country, “just in case.” There are some serious concerns about what, precisely, constitutes an act of war on the internet, and sooner or later, teams like the Equation Group are going to stumble right over it.

On the other hand, we will probably get a CSI: Cyber episode out of this. So, there’s that going for us, which is nice.