Operation Red October Offers More Proof Cyber Espionage is Alive and Well – Global Digital Forensics Helps Clients Protect Digital Assets, Intellectual Property and Other Electronic Secrets

Share Article

The days when spies needed to break into highly secure areas to snap pictures of secret files in a dark room with a miniature camera have become another 20th century relic collecting dust, because today, companies’ fortunes rise and fall on how well secrets living in digital form can be kept. Global Digital Forensics offers newly updated testing and solutions designed to help clients navigate the cyber warfare and cyber espionage battlefields of 2013.

News Image

Cyber Enemies are Always on the Lookout

we live in age where the question is less often whether or not an organization’s digital assets have been compromised, but instead has far more often become, how long have they been compromised?

On Monday, Kaspersky Labs, a leading Russian cyber security firm, released details about an operation dubbed “Red October,” a cyber espionage campaign carried out over the last 5 plus years which mainly targeted agencies and organizations in Eastern Europe, former USSR Republics and Central Asia, although targets in Western Europe and North America were also found. Red October was all about accessing and exfiltrating sensitive information, the truest definition of cyber espionage. While the Red October campaign displayed a high level of sophistication, at this time it is not believed to be a state-sponsored campaign, but rather carried out by coordinated hackers of Russian-speaking origin. The methods identified as the initial attack vectors included complex spear phishing campaigns, Trojan delivery and a network of over 60 domain names and servers positioned in various countries to help conceal their tracks. Global Digital Forensics specializes in helping clients fortify these types of attack vectors with a combination of solutions including penetration testing, cyber threat assessments, internal policy and procedural reviews, social engineering testing and training, as well as Cyber Emergency Response Teams.

The founder and CEO/CTO of Global Digital Forensics (GDF), Joe Caruso, has assisted countless clients to combat these types of cyber enemies constantly lurking at the gates. He had this to say about the Red October Report, “If there is one lesson that should really sink in from an advanced cyber espionage campaign like Red October, it’s this; we live in age where the question is less often whether or not an organization’s digital assets have been compromised, but instead has far more often become, how long have they been compromised?”

“The report on Red October may not perk up as many ears in the US as it should because the majority of targets were not US-based. But the fact that an active, sophisticated cyber espionage campaign has been compromising the digital assets of high level organizations in other cyber-savvy countries for over 5 years, completely undetected, should really sink in with IT security specialists everywhere. Not only were they siphoning off reams of sensitive electronic data in the form of documents, spreadsheets and a host of other file types, but they were also building detailed password lists from affected networks and systems and then using that information to gain access to even more sensitive assets, thanks to the terrible but abundant practice of reusing the same passwords for multiple platforms and systems. It even seeks out and makes the leap to compromise mobile devices like smartphones to additionally increase the pool of digital information it can intercept and pilfer. And to really complicate any attempted eradication, it even employs a dastardly resurrection module embedded as a plug in to Adobe Reader and Microsoft Office applications which allows the attackers to regain control of the system even after it has been discovered and removed.”

“But success in combating even advanced threats like Red October can be significantly improved by getting back to the basics of cyber security, as in this case, thwarting the main entry vector which was coordinated with sophisticated spear phishing attacks.”

Global Digital Forensics offers advanced assistance and solutions to help organizations not only significantly improve their cyber security posture through advanced penetration testing, cyber threat assessments, and policy and procedure review with detailed remediation steps and suggestions, but to also give clients access to experienced Cyber Emergency Response Teams already familiar with the unique layout of the client’s entire cyber landscape and threat vectors uncovered during the assessment, testing, and reviews already performed. GDF’s maintains an arsenal of state-of-the-art tools and labs, and has the real-world industry experience with a wide variety of clients accumulated from two decades of trial-by-fire while successfully assisting clients ranging from Fortune 500 companies to small businesses with their most sensitive cyber issues.

Helping clients take both the right proactive and reactive steps to meet the cyber security challenges already on the radar entering 2013, as well as those cyber threats yet undiscovered looming on the horizon, is a task GDF’s consistently evolving nature is adeptly suited to meet.

*Global Digital Forensics is a recognized industry leader in the fields of cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare and education arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Don’t hesitate to get help if an incident has already happened. For more information, visit http://www.evestigate.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Aris Demos
Visit website