Integrations Journal



How Spy Rings Get Busted In Today’s Digital Age: Antivirus Firm Uncovers Red October

Written by  Sorab Ghaswalla | 16 January 2013

It’s a startling claim, to put it mildly, and it has already got Internet experts and those from the global espionage world in a flutter (yes, you heard right, spies). All this because of a report put out by Kaspersky Lab late on Monday saying that it had identified a new computer virus that was targeting east European countries and appeared to be collecting classified files using NATO and EU encryption.

Kaspersky has named the virus ‘Red October’ (obviously one of their analysts has a wry sense of humour). If you recall, The Hunt for Red October was the title of a Hollywood blockbuster some years ago, in which a nuclear submarine belonging to the erstwhile USSR goes rogue.

The Russia-based anti-virus software firm in a statement said, "The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America." It said there was very strong technical evidence that the attackers have Russian-speaking origins.

So far the attacks have been targeted at organisations in Europe, former USSR Republics, Central Asia and North America, Kaspersky Lab claims.

What is more daunting is that Kaspersky Lab has also added that Red October may have been active since at least 2007. It had also infected smartphones and collected login information to test on other systems. Red October has what Kaspersky Lab called a unique "resurrection" module that hid in Adobe Reader and Microsoft Office programmes and allowed the attackers to regain access even if the virus was discovered and removed.

Founded in 1997, Kaspersky Lab employs more than 2,300 specialists and is a leading IT security and anti-virus software company.

The statement has sent governments and related agencies scurrying. But in an interesting report this morning, The Christian Science Monitor has said US experts who have reviewed the Kaspersky report are divided over who might be behind the malware – a Russian crime syndicate harvesting sensitive information and selling it or holding it for ransom, or a sophisticated nation state. Kaspersky, for now, has said there’s no evidence of this being a State-sponsored attack.

Sorab Ghaswalla

Sorab Ghaswalla is the Founder of India-based digital world consultancy firm, New Age Content Services LLP, an Internet Entrepreneur & Consultant, a journalist, and owner/Editor of 2 websites. In his free time, he contemplates the larger implications of digital life.
