Why Silicon Valley should be very, very afraid of the NSA
Last month, Apple reported the largest quarterly profit in the history of American business: $18 billion, mainly on the strength of skyrocketing iPhone sales in China. God knows what Apple is going to do with the money besides add it to the company's incomprehensible $180 billion cash stockpile, but it's a success story in corporate terms.
But there is a serious threat to Apple's success, and that of every other high-tech manufacturer in the U.S., in the form of the National Security Agency's grasping quest to infect every computer on earth with NSA-friendly malware. Previous revelations in this vein from whistleblower Edward Snowden mainly concerned American software and web service companies like Microsoft and Facebook. But a new story from the computer security firm Kaspersky reveals new ways in which the NSA is compromising American hardware as well.
The Kaspersky report details how the "Equation Group," associated with the people who coded the Stuxnet worm that attacked Iranian nuclear facilities and other targets, has been executing extremely sophisticated cyberattacks around the globe. Though Kaspersky stops short of pointing fingers, it was the NSA, together with Israeli hackers, that created Stuxnet. On Monday, Reuters confirmed the obvious: the NSA is behind the Equation Group as well.
The list of exploits is staggering. The GrayFish program — just one of many — is light-years past a normal computer virus; Kaspersky calls it a "full-featured espionage platform." It inserts itself into the operating system at the boot stage, taking full control of the machine. "After infection, the computer is not run by itself more: it is GrayFish that runs it step by step, making the necessary changes on the fly," Kaspersky says.
Though these platforms reportedly contain self-destruct mechanisms, Kaspersky managed to recover a few even more impressive malware modules, ones which infect a hard drive's firmware. This is the code that runs the hard drive itself, and Kaspersky says it has never seen it compromised before. It makes an infected computer nigh-impossible to clean, because even reformatting the hard drive and reinstalling the operating system won't touch hard drive firmware. There isn't even a read function for most such firmware, making it almost impossible to tell if it is infected or not.
And while all the documented exploits were for Windows machines, Kaspersky found compelling evidence suggesting that there are exploits for Mac OS X and iOS users as well. A slew of infected Macs in China report to Equation Group control servers, while special redirects send iPhone browsers to exploit-laden web pages. No operating system is safe from NSA penetration, perhaps not even Linux.
This ought to be hugely alarming for American technology companies. Protectionism is always a political temptation. If I were a Chinese high-tech equipment manufacturer, I'd be howling for American products to be banned from the country altogether. The argument may be opportunistic, but let's face it: better to have local industries produce lower-quality iPhone knockoffs than risk half the citizenry walking around with an NSA periscope.
I have zero expectation that the political class will move past its knee-jerk deference to the security apparatus, but policy-makers really might want to consider the potential downside to the American economy (that is, if they can't be bothered about preserving the whole liberal democracy thing).
Furthermore, the wide legal latitude given to spies, combined with the first-mover advantage the United States still possesses by being the country that invented the internet, has created an irresistible temptation for the NSA to abuse American high-tech firms. But that advantage depends on the internet and its associated technologies remaining relatively open and free. By trying to "collect it all," to quote former NSA chief Keith Alexander's motto, the spies may destroy the backbone of Silicon Valley.
For Silicon Valley, the NSA may be the kind of parasite that eventually kills its host.