What Is Kaspersky's GReAT?

The malware that modifies a hard drive's firmware to create hidden space where stolen data and maybe even encryption keys for later retrieval was discovered by GReAT, or the Global Research and Analysis Team, part of Moscow-based security technology developer Kaspersky Lab's Threat Research unit.

GReAT was established in 2008 to combat malware and has more than 40 security experts worldwide, according to Kaspersky. Many of its capabilities are similar to those offered by advanced research labs from other security vendors, including Symantec Research Labs or McAfee Labs.

The organization partners with international organizations to assist in investigations and countermeasures to combat malware operations, as well as with large third-party IT vendors such as Adobe, Google and Microsoft to investigate vulnerabilities.

[Related: Hard Drive Malware Hack Opens A Pandora's Box, But Storage Vendors Have Been Closed Off On The Implications]

id
unit-1659132512259
type
Sponsored post

The malware that infects hard drive firmware is only one of several recent discoveries from GReAT. Others include:

The Fanny worm: Fanny's goal is to map air-gapped networks, or those systems that cannot be reached via normal attacks because they are not connected to an outside network. Fanny works via a USB stick with a hidden storage area infected with the worm. When the USB stick is connected to an air-gapped system, it can surreptitiously collect basic system data and send it on when connected to a network. The USB stick can also carry secret commands to the air-gapped systems.

Interdiction techniques: Attackers can intercept physical goods and replace them with versions featuring malware. For instance, malware can be placed on CDs handed out at conferences that will spread the malware when used.

This article originally appeared as an exclusive on the CRN Tech News App for iOS and Windows 8.