Red October cyberattack opens new chapter in cyber espionage
The latest and greatest cyber incident has caught fire in the press. Dubbed Operation Red October, the cyber spying program has been traced back to 2007. Yes, it has been in place and covertly collecting untold amounts of information for at least five years. Just how much information is the big unknown; but one thing is for sure, there are a lot of people working long hours to figure that out.
Multiple investigators examining this incident have all come away shocked after discovering some of the many unique aspects of the well-designed attack. At the top of the wow-factor list is its size from three different standpoints. First, it has been found to hit targets in 39 different countries. Second, the command and control network of intermediary servers were found to be located in 22 different countries. The third factor is the number of components that were discovered to have been used in the malicious software. At this point, more than 1,000 modules and program objects have been identified, many with unique capabilities.
Particularly troubling is the fact that the well-designed attack actually targeted encrypted files. Why would you do that unless you have the key to decrypt those files? There weren’t just files of individuals, those behind the attack also targeted diplomats. In the days following the media storm about this latest act of cyber espionage, the interest in diplomatic cybersecurity has increased substantially. It was even brought up in the House of Representatives' hearing on Benghazi questioning of State Secretary Hillary Clinton.
This is one cyber episode that will be well worth watching in the days and months to come, as more is learned about the attack and the motives of those behind it.
Posted by Kevin Coleman on Jan 31, 2013 at 12:55 PM