The Russian antivirus firm that first fingered Stuxnet as a state-sponsored cyberattack is outing massive clandestine digital operations once more. This time, Kaspersky Lab says they’ve uncovered a massive, years-long cyber-espionage campaign. The perpetrators: unknown. Demonstrating a rather charming flair for the dramatic, the Moscow-based researchers have dubbed the network “Red October.”
We had long suspected the lads and ladies of Kaspersky were Tom Clancy types.
Researchers announced the discovery in a blog post:
During the past five years, a high-level cyber-espionage campaign has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations, gathering data and intelligence from mobile devices, computer systems and network equipment.
Whoever tipped Kaspersky off to the malware “prefers to remain anonymous.”
The perpetrators target organizations in the Russian Federation, Eastern Europe, and Central Asia–but North America and Western Europe aren’t immune, either. “Hundreds” worldwide have been affected, across categories like military, research institutions, aerospace, oil and gas, and so forth–“all of them in top locations such as government networks and diplomatic institutions.”
As for who’s behind the network, researchers write that they “strongly believe that the attackers have Russian-speaking origins.” However, before anybody starts hallucinating the rumbling guns of distant cyberwar:
Currently, there is no evidence linking this with a nation-state sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere.