e-espionage: Operation Red October against India

K.V. Kurmanath Hyderabad | Updated on March 12, 2018

India and several other countries including Russia, Europe and Central Asia have woken up to a new cyber espionage attack.

The Operation Red October, called Rocra for short, a stealth cyber attack, primarily targets government, diplomatic, public research institutions, nuclear research, aerospace and oil and gas companies.

Rocra is still active as of January 2013, and has been a sustained campaign dating back as far as 2007.

While the Russian Federation tops the list with 38 attacks, Kazakhstan (21), Belgium (16), Azerbaijan (15) and India (14) occupy the subsequent slots.

“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,” said a cyber security analyst with the Moscow-based security solutions firm Kaspersky.

The attackers often used information that they stole from infected networks, as a way to gain entry into additional systems. For example, stolen credentials were compiled in a list and used when the attackers needed to guess passwords or phrases to gain access to additional systems.

“To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries, with the majority being in Germany and Russia. The chain of servers was actually working as proxies in order to hide the location of the ‘mothership’ control server,” he said.


Published on January 15, 2013

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor

You May Also Like