Home >> Security

Canada spared by Red October cyber spy ring?

By: Nestor E. Arellano On: 15 Jan 2013 For: Computing Canada Creator

A virulent cyber espionage network has attacked nations both large and small across the globe but apparently left Canada untouched, according to a report from Kaspersky Labs

A high-level cyber espionage campaign has successfully broken into computers and networks of government, diplomatic and scientific research organizations around the world for the last five years, according to a report from security software firm Kasperksy Labs.

The campaign, called Rocra (short for Red October) by Kaspersky, is still actively gathering data and intelligence information from mobile devices, computer systems and network equipment of specific targets in Eastern Europe, Central Asia, Western Europe and the United States but seems to have missed Canada.

Top 10 in Kaspersky’s list of most infected nations (those with more than 5 victims) are:

Russian Federation – 35 infections
Kazakhstan – 21
Azerbaijan – 15
India – 14
Afghanistan – 10
Armenia – 10
Iran – 7
Turkmenistan – 7
Ukraine – 6
United States - 6

Information harvested from infected networks is currently being reused for later attacks, said the security company. For example, stolen credentials were compiled in a list and used when attackers needed to guess passwords and network credentials in other locations.

RELATED CONTENT

Cyber espionage is expanding
Canada’s cyber security falling short

To control the network of infected machines, Kaspersky said, the attackers created 60 domain names and several server locations in different countries.

“The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the true-mothership-command and control server,” the report said.

The multi-functional framework used by the attackers also allow them to steal data from mobile phones, dump enterprise network equipment configuration, hijack files from removable disk drives, steal e-mail databases from Local Outlook storage or remote POP/MAP servers and get files from local network FTP servers.

For more information on Red October go to the Kaspersky Labs Securelist blogsite

Sign up for our Newsletters

Tags: malware threats, cyber espionage, network security

Close X

Your Name:

Your E-mail:

Friend's Name:

Friend's E-mail:

Close X

| Views: 2035 | Rating:

(0 votes)

Rate this article on a scale of
1 to 5 stars,5 being the best.

Close X

Page 1

Quick Access

Video Conferencing Cloud Computing Resource Centre CIO Canada's Brainstorm Centre CIO Canada Debate IdeaCity Conference June 18-20 - Toronto

Nestor E. Arellano – Newswire Specialist Nestor edits and posts newswire content for ITWorldCanada’s online publications and e-newsletters. Nestor joined ITWC in 2006 as a senior writer an... more

Recent Canadian IT Jobs

more: IT Jobs , Post A Job

blog comments powered by Disqus

Related Videos

Building an Enterprise IT Security Training Program

Building an Enterprise IT Security Training ProgramOver 50% of security breaches are a result of end-user error, oversight, and ignorance. IT security training is an effective method of reducing end-user related security breaches.

Cloud Computing: Extending the Network (3 of 3)

Cloud Computing: Extending the Network (3 of 3)The end goals of private cloud computing are to; Enable efficient delivery of IT resources and services; Give the enterprise complete control over data; Enable choice in technologies and service providers

Cloud Computing: Getting to One Network (1 of 3)

Cloud Computing: Getting to One Network (1 of 3)In this first video of the series, the team will take you through how to consolidate the different types of traffic onto a single, general-purpose, high-performance, highly available network that greatly simplifies the network infrastructure and redu

Cloud Computing: The Unified Compute Model (2 of 3)

Cloud Computing: The Unified Compute Model (2 of 3)In this second video, the team will look at how to unite computing, networking, storage access, and virtualization into a single cohesive system. The Unified Compute model prepares you for cloud computing. This will be discussed in the next and fin

Professors warn of arms race in cyberspace

Professors warn of arms race in cyberspaceAt a panel discussion organized by Osgoode Hall, professors Ronald Deibert and Stephane Leman-Langlois discussed the attacks on Google Inc. and the challenges of working in countries such as China.

Computing Canada Poll

Read the Computing Canada articles you made happen.

• Democratizing Business Continuity
• Agility and efficiency through virtual switching

* Sponsored by Microsoft

Related White Papers

Getting a better grip on mobile devices - IBM Software provides solutions and strategies for managing both employee-owned and enterprise-owned equipment.

2012 Bit9 Cyber Security Research Report - The 2012 Bit9 Cyber Security Research Report presents the perspectives of more than 1,800 IT professionals on the world of advanced cyber threats.

Realistic Security, Realistically Deployed: Today's Application Control and Whitelisting - With today's sophisticated and constant barrage of cyber-threats defenses focused on a blacklist "permit-all-except" philosophy are doomed to fail. Modern security requires an application control and whitelisting approach.

Advanced Threat Landscape: What Organizations Need to Know - Combating today's cyber-threats requires an approach based on trust, not the blacklisting security strategies of the past.

IFCG Addresses Privacy and Data Security in a Regulated Industry Through a Managed Security Services Provider - IFCG turned to No Panic Computing (NPC) to provide security-hardened laptops, monitored and managed 24/7, boasting biometric access, encrypted hard drives, sophisticated anti-virus monitoring and an OS optimized for performance and data protection.

more: White Papers