Sign in with
Sign up | Sign in

'60 Minutes' BIOS Plot May Be NSA Invention

By - Source: Tom's Guide US | B 19 comments
Tags :

"News," an old journalistic adage goes, "is what someone, somewhere wants to suppress. All the rest is publicity."

The two-segment piece CBS News' "60 Minutes" aired last night (Dec. 15) on the National Security Agency (NSA) was terrific publicity. Half a dozen NSA officials, including Director Gen. Keith Alexander, calmly explained how the NSA protects America from terrorists without treading harshly on Americans' privacy. Not a single critic of the agency was interviewed, or even named.

And then there was this scoop: The NSA stopped a "catastrophic" Chinese scheme, called the "BIOS plot," to "destroy every computer in the world."

MORE: 12 Things You Didn't Know Could Be Hacked

"Think about the impact of that across the entire globe," NSA Director of the Information Assurance Directorate Debora A. Plunkett told CBS reporter John Miller. "It could literally take down the U.S. economy."

That was news to many security experts, who had never before heard of the "BIOS plot," even though "60 Minutes" asserted that "computer manufacturers" had worked with the NSA "to close this vulnerability." Such an undertaking would have been well known in the information-security community.

Plunkett gave only the barest outline of the supposed Communist scheme, not specifying when and how the plot was uncovered and foiled. CBS' confirmation of the plot's existence and provenance relied on unnamed "cybersecurity experts briefed on the operation" who "told us it was China."

Security experts aren't buying it.

How BIOS malware works

"There is probably some real event behind this, but it's hard to tell, because we don't have any details," wrote Robert Graham, CEO of Atlanta penetration-testing firm Errata Security, on his blog last night. "It's completely false in the message it is trying to convey. What comes out is gibberish, as any technical person can confirm."

It's technically possible to craft the kind of attack Plunkett described — a fake firmware update that infects the Basic Input/Output System (BIOS), a small piece of software built into the motherboards of most personal computers. (Macs and some recent Windows machines don't use BIOS.)

"So," Miller said during the interview, "this basically would have gone into the system that starts up the computer, runs the systems, tells it what to do."

"That's right," replied Plunkett.

"And basically turned it into a cinderblock," Miller said.

"A brick," Plunkett said, using the common techie term for a completely nonfunctional piece of hardware.

BIOS malware has been around for at least 15 years, and it wouldn't take much coding to corrupt the BIOS of an older motherboard so that it couldn't boot. (To repair the computer, the BIOS chip could be replaced or reprogrammed.) Newer BIOSes have security safeguards to prevent such attacks — but again, none of that is news.

"There's no special detail here," Graham wrote. "All [Plunkett and the NSA] are doing is repeating what Wikipedia says about BIOS, acting as techie talk layered onto the discussion to make it believable, much like how 'Star Trek' episodes talk about warp cores and Jefferies tubes."

"Stripped of techie talk," Graham said, "this passage simply says 'The NSA foiled a major plot, trust us.'"

Why China wouldn't destroy American computers

Other security experts questioned why China would want to destroy American computers at all, especially considering how interlinked the two countries' economies are, and how keeping infected computers running is much more advantageous for cyberspies.

"The problem I have with #60Minutes NSA story is that the BIOS story isn't believable," tweeted Graham's colleague, Errata Chief Technology Officer David Maynor. "If an enemy developed that attack, why brick the boxes?"

"I don't think that China, or anyone else on this planet, would damage the economy of the USA, for the simple reason that they would ultimately do damage to themselves (and their country/employer)," Avira researcher Sorin Mustaca told the Softpedia blog.

"I would fully understand if a government would try to control the computers in the U.S. (especially those that are critical)," Mustaca said, "but I don't understand why would anyone would want to destroy them."

In a behind-the-scenes video clip posted online, CBS News explained that the NSA approached the news organization about doing the piece, and that the agency reviewed the story before it was aired.

It's not clear whether Miller was hand-selected by the NSA to report the story, but he's not a regular "60 Minutes" correspondent. Miller has worked extensively as both a reporter — he traveled to Afghanistan in 1998 to interview Osama bin Laden — and also as a government official.

Miller has worked for the New York Police Department, the Los Angeles Police Department, the FBI and the Office of the Director of National Intelligence. He is reportedly being considered for another top job at the New York Police Department.

To get another side of the NSA story, read Ryan Lizza's long but very informative piece in this week's New Yorker magazine about the NSA. It's all online for free.

Lizza himself had some words after watching "60 Minutes" last night.

"Wow, the 60 Minutes piece about the NSA was just embarrassing," tweeted Lizza. "Kudos to the NSA communications staff. You guys should get a raise."

Follow Paul Wagenseil at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.

Add your comment Display 19 Comments.
Top Comments
  • 17 Hide
    Shapeof Thesword , December 16, 2013 11:35 AM
    More phony Red Scare Communism fear tactics huh? Fuck off. We fell for that in the 60s but not now.

    Fuck you.
  • 14 Hide
    rwinches , December 16, 2013 11:43 AM
    The marks the official end to the term 'Trusted News Source".
  • 12 Hide
    dalethepcman , December 16, 2013 11:36 AM
    LOL @ this story. I'm sure the Chinese are attempting to destroy every computer in the world, because everyone everywhere knows they own stock in the abacus...
Other Comments
  • 17 Hide
    Shapeof Thesword , December 16, 2013 11:35 AM
    More phony Red Scare Communism fear tactics huh? Fuck off. We fell for that in the 60s but not now.

    Fuck you.
  • 12 Hide
    dalethepcman , December 16, 2013 11:36 AM
    LOL @ this story. I'm sure the Chinese are attempting to destroy every computer in the world, because everyone everywhere knows they own stock in the abacus...
  • 14 Hide
    rwinches , December 16, 2013 11:43 AM
    The marks the official end to the term 'Trusted News Source".
  • 10 Hide
    sykozis , December 16, 2013 11:55 AM
    The NSA, and the Gov;t as a whole, thinks the American people are stupid....
  • 4 Hide
    jldevoy , December 16, 2013 11:59 AM
    Government officials lying to boost their own agenda? say it isn't so.
  • -1 Hide
    DREGstudios , December 16, 2013 12:20 PM
    The dystopian fantasies of yesteryear are now a reality. We’ve allowed the coming of an age where the civil liberties our forefathers fought so hard for are being eroded by the day. Freedom of Press, Freedom of Speech and Freedom of Assembly are mere ghostly images of their original intent. We’ve woken up to an Orwellian Society of Fear where anyone is at the mercy of being labeled a terrorist for standing up for rights we took for granted just over a decade ago. Read about how we’re waging war against ourselves at http://dregstudiosart.blogspot.com/2011/09/living-in-society-of-fear-ten-years.html
  • 8 Hide
    rwinches , December 16, 2013 12:27 PM
    A glimmer of hope.
    NSA Phone Program Likely Unconstitutional, Federal Judge Rules
    http://www.huffingtonpost.com/2013/12/16/nsa-phone-program_n_4454538.html
  • 5 Hide
    lamorpa , December 16, 2013 1:31 PM
    Obvious hogwash. Start to finish. On so many levels. It's embarrassing for so many involved.
  • 2 Hide
    Cazalan , December 16, 2013 1:54 PM
    If NSA was so good at their job why does Microsoft have to be the ones taking down the botnets?
  • -3 Hide
    danwat1234 , December 16, 2013 1:56 PM
    10:20 in the "part 1, inside the NSA" video, that data wasn't taken, it was copied. If Snowden did remove data from the NSA's servers (if he had the proper administrative privileges), they surely would have found out soon.

    3:30 in the "part 2, a Snowden affair" video, a BIOS attack? The NSA believes it would have worked if they didn't stop it?
    Firstly, the virus could not get on a computer unless it was not behind a firewall. Most computers are behind not only a firewall in the device that acts as the gateway to the internet on the network, but also there is a firewall running on the computer itself. So in other words, the user would have to download this virus and accidentally run it.

    Second, the computer would only get this virus if they didn't have proper virus protection with proper heuristic analysis to detect unknown viruses, such as ones trying to modify the BIOS.

    Thirdly, this virus would need to gain administrative privileges of the Operating System in order to have the ability to inject the corruption in to the CMOS chip where the BIOS is stored. Yes it is possible it could gain access through a backdoor in some software but that is unlikely and very unlikely that this backdoor would be present in all the computers in the world!Yes, Windows XP runs user accounts with administrative privileges by default, so the virus would not need permission there. BTW, I notice the computer she is using is running Windows XP! The NSA had better upgrade before Microsoft stops patching XP, which will occur April 8th 2014. Because then future patches to newer Operating Systems will inform hackers of vulnerabilities in XP, that Microsoft will not patch.

    Fourth, computers use BIOSes from different manufactures, the virus would need to be able to detect this to know what to inject into the CMOS chip in order to brick the computer.

    Fifth, most modern computers have a way to recover the BIOS, by inserting a USB stick with the original BIOS that you can easily download from the computer's support website. So you could turn that brick into a computer again.Cheap shot, NSA.
    The NSA uses Windows XP, OMG!
  • 3 Hide
    Bobs Your Uncle , December 16, 2013 2:45 PM
    Anything publicly disseminated by any of the 3 Letter Shadow-Ops Agencies must be assumed to be false, based simply upon their own pattern of confronting verifiable fact with a litany of lies. We reached that realization some time ago.

    What I find most disturbing about this episode is that 60 Minutes was so easily co-opted into playing the role of a paid shill for these "Alpha Agencies". While the credibility of 60 minutes has certainly been questionable for quite some time, this shreds any basis for continued trust.

    The integration of corporate oligarchy throughout the mechanisms of federal governance continues unabated. It would be time for an evil laugh (muahahaha) if it wern't so tragic.
  • -3 Hide
    coolitic , December 16, 2013 3:41 PM
    Guys dont judge them YET. However, the NSA should of gave more details (assuming they are not lying) to not get a negative response. Without HARD proof, don't judge someone.
  • 3 Hide
    TeraMedia , December 16, 2013 6:34 PM
    Is this just a simplistic attempt to redirect us away from some of Snowden's revelations, or are they trying to cover up something even more embarrassing?
  • 2 Hide
    alextheblue , December 16, 2013 8:35 PM
    CBS knew this was a bull story when they rolled with it. But they also knew that the primary audience of 60 minutes is old people who have no idea how computers work, so they would never question it. Good PR for the NSA, free exclusive story for CBS.
  • 0 Hide
    canadianvice , December 16, 2013 9:28 PM
    This is something I always like about Toms, for any one article on something they mention some interesting subject matter (BIOS attacks) and you can bet the next header they follow it up with is "So, how does X really work?". Sometimes the info is nice and detailed, but even then, they like to make the world learn.
  • -2 Hide
    techguy911 , December 17, 2013 12:52 AM
    I have been a computer tech for over 30 years and yes this story is possible i have already seen this type of attack 14 years ago CIH virus it would brick bios i tired every trick in book to re-flash and had to resort to buying a bios flasher.
    This is nothing new although many new motherboards have dual bios now and can flash though usb.
    Just think people millions of people old computers suddenly become bricked what do consumers do when computer stops working they buy new ones.
    The computer market atm is horrible sales are at an all time low something like this would boost computer sales to crazy amounts.
    The CIH virus in it's day bricked over to half a million pc's most bioses atm are UEFI they have a HUGE security flaw that would allow all new pc's to be bricked very easily.
  • 2 Hide
    das_stig , December 17, 2013 12:52 AM
    60 Minutes = NSA bitches !!
    Personally, wouldn't give this programme, 60 seconds of my attention span, just bullshit journalism of the lowest quality !
  • 0 Hide
    JohnMD1022 , December 17, 2013 4:29 AM
    A government official in the Obama administration would lie to us?

    Who'da thunk it?
  • 0 Hide
    Marisa Louisa , January 1, 2014 6:54 AM
    Whether or not this whole thing is true, I'd rather see the US in charge of global security than China, Russia, Brazil, etc. There is little doubt that the US is a benevolent superpower and we all know that China would be a global bully and authoritarian dictatorship if ever it were to gain the upper hand in any security deal. Why is it that China has no real military alliances with any other functioning country while the US has such alliances with many highly developed countries? Finally, the US is using dirty tricks against those who use dirty tricks on us - I'm all for it!
React To This Article

Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter