| 翻訳と辞書 |
| Equation Group : ウィキペディア英語版 |
Equation Group
The Equation Group is a highly advanced secretive computer espionage group, identified by discoverers Kaspersky Labs as one of the most advanced (if not the most advanced) in the world as of 2015,〔 and suspected by security expert Claudio Guarnieri and unnamed former intelligence operatives of being tied to the United States National Security Agency (NSA). Because of the group's predilection for strong encryption methods in their operations, the name ''Equation Group'' was chosen by Kaspersky Lab, who also documented 500 malware infections by the group's tools in at least 42 countries over many years.
In 2015 Kaspersky's research findings on the Equation Group noted that its loader, "Grayfish", had similarities to a previously discovered loader "Gauss" from another attack series, and separately noted that the Equation Group used two zero-day attacks later used in Stuxnet; the researchers concluded that "the similar type of usage of both exploits together in different computer worms, at around the same time, indicates that the EQUATION group and the Stuxnet developers are either the same or working closely together". They also identified that the platform had at times been spread by interdiction (interception of legitimate CDs sent by a scientific conference organizer by mail),〔 and that the platform had the "unprecedented" ability to infect and be transmitted through the hard drive firmware of several of the major hard drive manufacturers, and create and use hidden disk areas and virtual disk systems for its purposes, a feat demanding access to the manufacturer's source code of each to achieve,〔 and that the tool was designed for surgical precision, going so far as to exclude specific countries by IP and allow targeting of specific usernames on discussion forums.〔 The techniques and knowledge used by the Equation Group were considered in summary to be "out of the reach of most advanced threat groups in the world except (group ).〔
==Summary==
At the Kaspersky Security Analysts Summit held in Mexico on February 16, 2015, Kaspersky Lab announced its discovery of the Equation Group. According to Kaspersky Lab's report, the group has been active since at least 2001, with more than 60 actors. The malware used in their operations, dubbed EquationDrug and GrayFish, is found to be capable of reprogramming hard disk drive firmware. Because of the advanced techniques involved and high degree of covertness, the group is suspected of ties to the NSA, but Kaspersky Lab has not identified the actors behind the group.
The NSA codewords "BACKSNARF", "Grok", "STRAITACID," and "STRAITSHOOTER" have all been found inside the malware. In addition, timestamps in the malware seem to indicate that the programmers worked overwhelmingly Monday-Friday in what would correspond to a 08:00-17:00 workday in an Eastern United States timezone.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Equation Group」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|