Tuesday, February 17, 2015

The NSA May Have Access To Your Hard Drive

The United States National Security Agency (NSA) has had access to the hard drives of thousands of personal computers for at least 14 years without ever installing malware on them from the internet. Spyware infections within the firmware of brand new hard drives from brands including Seagate, Western Digital, IBM, Toshiba, Samsung, and Maxtor may have given the NSA the ability to exercise full remote access control on infected machines.

None of the companies involved have admitted knowledge that their hard drives were infected with the malware. The spyware is installed in the firmware of the devices, which is already installed on hard drives when you buy them from the store. This is executable code that can't be easily removed by an end user, even by doing a full data wipe on a disk.


What does all of this mean? Has the NSA been snooping through your files? Probably not, but they may have the ability to. Kaspersky Lab, a privately owned Russian security company, found personal computers in 30 countries infected with one or more of the spying programs. There are connections linking the spyware to Stuxnet, and so far, this malware, currently dubbed "Fanny," seems to have the same level of complexity and value involved.

The allegations of Kaspersky have been confirmed by a former NSA employee, with another claiming that the NSA themselves had developed the method of concealing spyware in hard drives. This disclosure could certainly expand the argument against the NSA's illicit monitoring that has been ongoing since the disclosures by Edward Snowden.

As you can see from the picture below, the United States was not a main target in this attack, but there are hits indicating that machines are infected. Keep in mind that Kaspersky is a Russian company, and may have a larger data pool from their own country, which could influence the results that this map shows.


What do you think about the NSA's newly revealed spying techniques? Are they just doing their jobs? Or are they out of bounds when they infect hard drives of private-sector companies who are unaware of the infections? Let us know in the comments below!

Technical details for "Fanny" can be found here.

The Register's confirmation of NSA involvement can be found here.