In 2015, Moscow-based Kaspersky Lab published a report on the Equation Group, a threat actor active since 2001. The group was responsible for infecting approximately five hundred systems in at least forty-two countries. The malware used by Equation Group had the ability to reprogram hard drives and then self-destruct, which made the operations effectively invisible and indestructible. Targeted systems ranged from the private to the public sector, from energy departments to military operations to media outlets.
The tools and scope of the Equation Group suggest that it is one of the most sophisticated threat actors operating in cyberspace. Many believe that Equation Group is a state-sponsored entity, such as the U.S. National Security Agency or a joint effort between it and its Five Eyes allies.
Suspected victims
- Iran
- Afghanistan
- Syria
- Yemen
- Kenya
- Russia
- India
- Mali
- Algeria
- United Kingdom
- Pakistan
- China
- Lebanon
- United Arab Emirates
- Libya
Suspected state sponsor
- United States
Type of incident
- Espionage
Target category
- Government
- Military