For nearly a year, the researchers [Kaspersky] have been gradually collecting components that belong to several highly sophisticated digital spy platforms that they say have been in use and development since 2001, possibly even as early as 1996, based on when some command servers for the malware were registered. They say the suite of surveillance platforms, which they call EquationLaser, EquationDrug and GrayFish, make this the most complex and sophisticated spy system uncovered to date.
See also Ars Technica:
The accomplishments led Kaspersky researchers to conclude that Equation Group is probably the most sophisticated computer attack group in the world, with technical skill and resources that rival the groups that developed Stuxnet and the Flame espionage malware.
The attackers managed to rewrite hard drives' firmware to enable persistence. Reuters quotes sources saying it was in fact the NSA and quotes Kaspersky's argument:
The authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives. That code can serve as a roadmap to vulnerabilities, allowing those who study it to launch attacks much more easily.
"There is zero chance that someone could rewrite the [hard drive] operating system using public information," [lead Kaspersky researcher Costin Raiu] said.
Incredible.