Antivirus company Kaspersky Lab stated in a report released on January 14, 2013, that they have detected a global computer spy operation spread across Central Asia and Eastern Europe. According to Kaspersky, the campaign targets various storage media, collecting valuable information from hard drives, USB sticks, smartphones and computers. The company has termed the operation ‘Red October’.
The Moscow-based firm had also alerted the world to the ‘Flame’ malware in 2012, which spread like wildfire and appeared to have the backing of nation-states. In total around 22 countries have been hit by the Red October spy operation according to Kaspersky Lab; these counties include the United Arab Emirates, Belgium, Spain, Switzerland, US, Ireland, Japan and France.
The Kaspersky Lab report says, “The main purpose of the operation appears to be the gathering of classified information and geopolitical intelligence, although it seems that the information-gathering scope is quite wide”. The spy operation is being apparently run by Russian-speaking individuals and have well-equipped infrastructure under their control. However, this operation is not similar to previous spy operation such as Gauss, DuQu or Flame.
Costin Raiu, who is a senior security researcher at Kaspersky Lab said that there does not appear to be any backing of a nation-state in the current operation; rather Red October could be the result of freelance cyber-criminals trying to sell valuable government data in the black market.