... rewrote the hard-drive firmware of infected computers—a
never-before-seen engineering marvel that worked on 12 drive
categories from manufacturers including Western Digital, Maxtor,
Samsung, IBM, Micron, Toshiba, and Seagate.
The malicious firmware created a secret storage vault that survived
military-grade disk wiping and reformatting, making sensitive
data stolen from victims available even after reformatting the
drive and reinstalling the operating system. The firmware also
provided programming interfaces that other code in Equation
Group's sprawling malware library could access. Once a hard drive
was compromised, the infection was impossible to detect or remove.
That appears to be the act of a nation-state, though. I don't really sweat those, because I'm pretty sure if the NSA really wants in to my machine, I can't stop them.
I'm not saying it is acceptable or that it doesn't matter. Just that, when it comes to my own personal computer, it isn't worth worrying about.
I have a lot of friends who haven't figured out the whole security-as-a-spectrum thing, and they spend a lot of time giving themselves grey hairs over adversaries that 1) they can't beat, 2) aren't worth beating, and 3) don't care about them anyway.