
Kaspersky Lab Explains Red October: The Largest Cyber Espionage Case in History


“According to our knowledge, never before in the history of ITSec has [a] cyber-espionage operation been analyzed in such deep detail … the research that we are publishing today is perhaps the biggest malware research paper ever.” – Kaspersky Lab, January 2013

Red October is a high-level cyber-espionage campaign that, for five years, infiltrated computer networks at diplomatic, governmental and scientific research organizations, mostly in Eastern Europe, Central Asia, Western Europe and North America, including the United States.

During the past several months we’ve been analyzing the malware, and have counted several hundred infections worldwide. The main purpose of the Red October operation appears to be the gathering of classified information and geopolitical intelligence, although the scope of the information gathering seems to be quite wide. During the past five years, the attackers collected information from hundreds of high-profile victims, although it’s unknown how the information was used. The primary victims were in all sorts of organizations, ranging from embassies and governments to oil and gas, nuclear energy and research institutions.

We have observed the use of at least four different exploits for previously known vulnerabilities to gain access to information: one in MS Excel, two in MS Word and one in Java. The attackers initially gained access to networks by sending specially crafted spear-phishing emails. These emails would entice the recipient to open the attached malicious document, which would then try to exploit a software vulnerability to silently install the malware.

Although we don’t know who the attackers are, we are highly confident that they’re Russian-speaking. That still doesn’t tell us anything about their whereabouts, though – they could be located in Brooklyn, NY for all we know. But we do know their motivation is to steal as much information from as many devices as possible. There also seems to be a focus on political espionage more than any other type of espionage.

Red October is very well executed, both from a creation and operation point of view. Considering cyber-warfare operations are highly developed attacks designed to undermine critical energy, finance, telecommunications and government cyber-network infrastructures worldwide, one of my biggest concerns, which is a concern shared by many, is the security of the infrastructures that control such systems: SCADA (supervisory control and data acquisition). Since SCADA systems are accessible via conventional computer networks, they are vulnerable to hackers. Because of these concerns, Kaspersky Lab is developing a secure operating system for these systems. This type of secure unit is the first step towards an efficient protection against cyber-warfare.

CitizenTEKK NOTE: Read more about SCADA systems inside this issue from Bjorn Frogner, PhD in Nuclear Engineering.

In order to thwart cyber-attacks, collaboration and the sharing of information on mitigation techniques and countermeasures must be cultivated at both the global and the local level. Integrating defensive technologies with educational training and guidance will create a more secure infrastructure while also driving up the cost of cybercrime by making exploitation and cyber-attacks more expensive to conduct.


