Canada spared by Red October cyber spy ring?

A high-level cyber espionage campaign has successfully broken into computers and networks of government, diplomatic and scientific research organizations around the world for the last five years, according to a report from security software firm Kasperksy Labs.

The campaign, called Rocra (short for Red October) by Kaspersky, is still actively gathering data and intelligence information from mobile devices, computer systems and network equipment of specific targets in Eastern Europe, Central Asia, Western Europe and the United States but seems to have missed Canada.

Top 10 in Kaspersky’s list of most infected nations (those with more than 5 victims) are:

Russian Federation – 35 infections
Kazakhstan – 21
Azerbaijan – 15
India – 14
Afghanistan – 10
Armenia – 10
Iran – 7
Turkmenistan – 7
Ukraine – 6
United States – 6

Information harvested from infected networks is currently being reused for later attacks, said the security company. For example, stolen credentials were compiled in a list and used when attackers needed to guess passwords and network credentials in other locations.

RELATED CONTENT

To control the network of infected machines, Kaspersky said, the attackers created 60 domain names and several server locations in different countries.

“The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the true-mothership-command and control server,” the report said.

The multi-functional framework used by the attackers also allow them to steal data from mobile phones, dump enterprise network equipment configuration, hijack files from removable disk drives, steal e-mail databases from Local Outlook storage or remote POP/MAP servers and get files from local network FTP servers.

For more information on Red October go to the Kaspersky Labs Securelist blogsite

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now