Last October, Kaspersky, a world-known name in IT anti-virus security and research, revealed the workings of a five-year-old malware program hitting networks throughout “diplomatic, governmental and scientific research organizations,” according to a post on SecureList.org, “The Red October Campaign…An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies.”
The spree has included siphoning data from smartphones, computers and network hardware, concentrating mainly on targets throughout Eastern Europe but with ongoing successes in North America and Western Europe as well.
“Rocra” (Red October) is still up and running without any proven identity that might tie it to a particular organization or government. What is known is that the “malware modules” were actually developed by “Russian-speaking operatives.”
“The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere.”
Besides government targets, the malware program reaches into research entities, commerce and trade organizations, and nuclear/energy research; other infections have been found in oil and gas companies, aerospace and the military.
Finding its way into Microsoft Excel and Word, the malware uses three variations and a trojan dropped in the network that scans to see whether other portals are open to the same “security flaw.”
We always follow our industry's best practices, beginning with a professional assessment of your security needs by our team of IT experts.
Contact Superior Solutions Inc. if you want more information about our consulting and digital forensic services…or how you can implement a ‘penetration testing’ scenario to identify the vulnerabilities within your networks.