14 DAY TRIAL // The US National Security Agency’s Director General Keith Alexander and Debora Plunkett, the agency’s information assurance director, have made an appearance on CBS’s “60 Minutes” program.
The two attempted to clear the NSA’s “we spy on everyone, everywhere” reputation. Besides providing some “clarifications” on the agency’s surveillance programs, Plunkett has revealed some information regarding a major cyberattack.
Apparently, a foreign state has developed a BIOS malware capable of “destroying computers.” The threat, disguised as a software update, turned computers into what Plunkett calls “a brick.”
“Think about the impact of that across the entire globe. It could literally take down the U.S. economy,” Plunkett said, referring to the effects of the malware.
Furthermore, the NSA believes that this evil plan would have worked if they hadn’t foiled it. Fortunately, they managed to “close the vulnerability” leveraged by the malware by working with computer manufacturers.
The NSA refused to comment about the source of this attack, but experts have revealed that China was behind it.
The existence of the piece of malware described by Plunkett is highly plausible. It’s well known that there are threats designed to infect the BIOS. Disguising malicious elements as software updates is also common.
Moreover, developing advanced malware is not that difficult, especially for nation states that have almost unlimited resources.
However, the story seems to be a bit exaggerated. Taking control of computers might be a plausible goal, but destroying them seems a bit farfetched. Avira Security Expert and Product Manager Sorin Mustaca agrees.
“Regarding the so-called ‘BIOS Plot,’ I think it is just a smart tactic to direct the attention from the real problem. I don't think that China or anyone else on this planet would damage the economy of the USA for the simple reason that they would ultimately do a damage to themselves (and their country/employer),” the expert has told Softpedia.
“We have seen what happened in 2009 when the Bank crisis went on in the USA. The entire planet was affected and this was a financial crisis and not a doomsday for computers,” he noted.
Mustaca highlights that there is a big difference between a bot (a remotely infected computer) and a "brick" (to make a computer unusable). It appears that not everyone knows the difference.
“I would fully understand if a government would try to control the computers in the US (especially those that are critical), but I don't understand why would anyone would want to destroy them.”
Mustaca also points to another interesting part of the interview in which the NSA officials claim that their analysts work on highly complex systems, and when mistakes are made, they’re “human errors, not intentional abuse.”
“I think that NSA is facing a unprecedented PR crisis. Actually the Public Relations is exactly what NSA doesn't want to have. It is the first time when I hear that the spying might have been done ‘by human errors and not willingly’,” Mustaca said.