Back Equation Group German Equation Group Spanish اکوئیشن گروپ Persian Equation Group French イクエーション・グループ Japanese Equation Group Polish Equation Group Russian Equation Group Slovenian Equation Group Ukrainian 方程式组织 Chinese

Equation Group

Equation Group
TypeAdvanced persistent threat
Location
ProductsStuxnet, Flame, EternalBlue
Parent organization

The Equation Group, classified as an advanced persistent threat, is a highly sophisticated threat actor suspected of being tied to the Tailored Access Operations (TAO) unit of the United States National Security Agency (NSA).[1][2][3] Kaspersky Labs describes them as one of the most sophisticated cyber attack groups in the world and "the most advanced (...) we have seen", operating alongside the creators of Stuxnet and Flame.[4][5] Most of their targets have been in Iran, Russia, Pakistan, Afghanistan, India, Syria and Mali.[5]

The name originated from the group's extensive use of encryption. By 2015, Kaspersky documented 500 malware infections by the group in at least 42 countries, while acknowledging that the actual number could be in the tens of thousands due to its self-terminating protocol.[5][6]

In 2017, WikiLeaks published a discussion held within the CIA on how it had been possible to identify the group.[7] One commenter wrote that "the Equation Group as labeled in the report does not relate to a specific group but rather a collection of tools" used for hacking.[8]

  1. ^ Fox-Brewster, Thomas (February 16, 2015). "Equation = NSA? Researchers Uncloak Huge 'American Cyber Arsenal'". Forbes. Retrieved November 24, 2015.
  2. ^ Menn, Joseph (February 17, 2015). "Russian researchers expose breakthrough U.S. spying program". Reuters. Retrieved November 24, 2015.
  3. ^ "The nsa was hacked snowden documents confirm". The Intercept. 19 August 2016. Retrieved 19 August 2016.
  4. ^ GReAT (February 16, 2015). "Equation: The Death Star of Malware Galaxy". Securelist.com. Kaspersky Lab. Retrieved August 16, 2016. SecureList, Costin Raiu (director of Kaspersky Lab's global research and analysis team): "It seems to me Equation Group are the ones with the coolest toys. Every now and then they share them with the Stuxnet group and the Flame group, but they are originally available only to the Equation Group people. Equation Group are definitely the masters, and they are giving the others, maybe, bread crumbs. From time to time they are giving them some goodies to integrate into Stuxnet and Flame."
  5. ^ a b c Goodin, Dan (February 16, 2015). "How "omnipotent" hackers tied to NSA hid for 14 years—and were found at last". Ars Technica. Retrieved November 24, 2015.
  6. ^ Kirk, Jeremy (17 February 2015). "Destroying your hard drive is the only way to stop this super-advanced malware". PCWorld. Retrieved November 24, 2015.
  7. ^ Goodin, Dan (7 March 2017). "After NSA hacking exposé, CIA staffers asked where Equation Group went wrong". Ars Technica. Retrieved 21 March 2017.
  8. ^ "What did Equation do wrong, and how can we avoid doing the same?". Vault 7. WikiLeaks. Retrieved 21 March 2017.
From Wikipedia, the free encyclopedia · View on Wikipedia

Developed by Nelliwinne