Russia’s intelligence agency has developed malicious software that’s virtually impossible to remove. According to The Daily Beast, the malware can persist even if the operating system is reinstalled or the hard drive replaced—security measures that would normally expel an intruder.
“If Putin’s new malware hits you, don’t bother wiping your hard drive,” writes Daily Beast reporter Kevin Poulsen. “Just throw out your computer.”
The malware works by rewriting the code stored in a computer’s UEFI chip, a small device that connects a computer’s firmware to its operating system. It was uncovered by ESET, a cybersecurity firm based in Slovakia. Researchers warn that the hackers, known as Fancy Bear, “may be even more dangerous than previously thought.”
Civics Lesson: The Cybersecurity Information Sharing Act
President Obama signed the Cybersecurity Information Sharing Act on December 18, 2015. The purpose of the law is to “improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.”
U.S. intelligence agencies have traced Fancy Bear’s origins to two units operating within the GRU, the intelligence branch of Russia’s armed forces. In July 2016, special counsel Robert Mueller indicted 12 GRU officers for Fancy Bear’s involvement in U.S. election interference.
“The GRU is following a developmental model that’s very sophisticated,” said Clint Watts, a former FBI counterterrorism agent and research fellow at the Foreign Policy Research Institute. “They have programmers who seem to be top-notch and they appear to rapidly deploy their cyberweapons not long after they develop them.”
Experts say that the advanced software is a sign that Kremlin hackers are ramping up their efforts and refining their technique.
“There’s been no deterrence to Russian hacking,” said Watts. “And as long as there’s no deterrence, they’re not going to stop, and they’re going to get more and more sophisticated.”