Jewish World Review

'Red October' malware found snooping on Russian state networks

By Fred Weir





Tom Clancy fantasy come to life

Newly discovered virus -- probably vacuuming top secret data from diplomatic, scientific, and corporate computers around the world -- has infected servers worldwide, but former Soviet states are being worst hit. Why?



MOSCOW — (TCSM) When computer security experts recently discovered the hugely sophisticated and obviously state-sponsored cyber-spy worms Stuxnet and Flame, many wondered out loud whether organized criminals might soon get their hands on similar malware tools that can siphon almost any sensitive information from even the best-guarded system.

The answer may have been staring at them from their computer screens all along.

On Monday, the Russian Internet security firm Kaspersky Labs announced that it has hunted down a previously unknown, advanced cyber-espionage network that it calls "Red October" (after Tom Clancy's novel), which has probably been vacuuming top secret data from diplomatic, scientific, and corporate computers around the world since 2007.

According to the firm, the network is still active.

"Red October operations started five or more years ago, and during that time attackers went unnoticed," says Igor Soumenkov, a malware expert with Kaspersky Labs. "That is why discovery of other attacks of the same class is possible, and we do expect it."

But unlike Stuxnet and Flame, which were almost certainly cyber weapons deployed by the US and its allies against adversaries like Iran, victims of the new "Red October" malware, or Rocra for short, span the globe.




Kaspersky says in its report that it began investigating the network after a tip-off from an anonymous partner, and has so far identified hundreds of infections worldwide, all of them in top locations such as government networks, diplomatic institutions, nuclear and aerospace agencies, and international trade groups.

The largest number of attacks — almost 100 — have struck computers in Russia and the former Soviet Union. But, Kaspersky says, "there are also reports coming from North America and Western European countries such as Switzerland or Luxembourg."

The attackers designed custom software to attack particular computer systems, experts say, using "unique modular architecture" comprised of malicious extensions, data-grabbing modules, and backdoor trojans. Information extracted was often re-used to gain entrance to other systems, by making it easier for the hackers to guess passwords and bypass security barriers.

'MOTHERSHIP' CLOAKED
The network of infected computers was controlled by a vast infrastructure created by the attackers, including more than 60 domain names and server hosting locations in several countries, mainly Russia and Germany. Kaspersky says the network was cleverly camouflaged to hide the location of the "mothership" control server.

The level of "Red October's" sophistication is comparable to the best state-sponsored efforts, such as Stuxnet and Flame, but could conceivably be the work of rogue operatives from the criminal world, says Mr. Soumenkov.

"This is the first attack that can be compared, judging by its complexity, with state-sponsored attacks like Flame," he says.

"But at the same time it can hardly be referred to as state-sponsored. It is unknown whether the collected data was used by attackers themselves, or was sold to other interested parties.... We are talking about the most sensitive types of data like confidential documents, e-mail exchanges, contact information. Scientific information was targeted as well, judging by the profiles of some victims," he adds.

While declining to name any culprits as yet, Kaspersky says based on several factors, including "numerous artifacts left in executables of the malware, we strongly believe that the attackers have Russian-speaking origins."

They also suggest that Chinese hackers may have been involved in setting up the network.

"It's probably not correct to say that this threat comes from Russia," says Alexei Lukatsky, a consultant for CISCO in Russia.

"The servers are situated in Russia and in Germany, but when we're talking about hosting servers, any company or any person from any part of the world can actually do it. The Internet has no borders.... The same is true about the claim of Chinese traces. The only context where Chinese experts can be mentioned here is the fact that the vulnerabilities used for this type of programs were identified first by Chinese specialists," Mr. Lukatsky says.

This is the second time Kaspersky has uncovered a major global cyber threat, which could raise questions among the suspicious-minded about whether it may be acting as a cat's paw, or even agent, for Russian intelligence interests. Its exposure of Flame last year was probably quite untimely from the US point of view.

"It strikes me as odd that this was exposed by a private company working on a private order," says Alexei Kondaurov, a former KGB major general. "Where are FAPSI [the former Russian equivalent of the US National Security Agency], the CIA, and other agencies that are supposed to be on top of these threats? Maybe Kaspersky is interested in advertising itself, and that's why there's so much noise about this?"





© 2013, The Christian Science Monitor
