Cybersecurity News

A sophisticated cyber-espionage campaign has been successfully penetrating diplomatic, governmental and scientific research organizations across the globe for nearly five years, according to a new report.

Dubbed “Red October,” the malware was first discovered by security giant Kaspersky Lab in October 2012, after the lab’s researchers began investigating a series of cyber attacks against international diplomatic service agencies.

“During the past months, we’ve counted several hundreds of infections worldwide – all of them in top locations such as government networks and diplomatic institutions,” the researchers revealed last week in a report on the issue. “The infections we’ve identified are distributed mostly in Eastern Europe, but there are also reports coming from North America and Western European countries such as Switzerland or Luxembourg.”

According to the lab, Red October has been successfully stealing data from smartphones, removable disk drives, email databases from Microsoft Outlook and from local network FTP servers.

“Based on registration data of the [control-and-command] servers and numerous artifacts left in executables of the malware, we strongly believe that the attackers have Russian-speaking origins,” the researchers concluded, noting that the malware appeared to seek out classified software used by entities like the European Union and NATO.

But just as fast as news of the cyber-espionage campaign spread, Kaspersky Lab on Friday released an additional report to note that the attackers appeared to be closing up shop.

“It’s clear that the infrastructure is being shut down,” Kaspersky security specialist Costin Raiu said in a statement. “Not only [are] the registrars killing the domains and the hosting providers killing the command-and-control servers, but perhaps the attackers [are] shutting down the whole operation.”

While Raiu advised there may still be a number of servers involved that Kaspersky Labs has yet to uncover, for now, it seems the attackers behind Red October know they are being hunted.

____

Following are some additional cyber headlines you may have missed:

FEDERAL NEWS:

DHS losing a senior cybersecurity leader (GovInfoSecurity)

DOD to forge stronger cyber ties with European allies (Defense Systems)

DHS warns of password-cracker targeting industrial networks (NextGov)

NIST cybersecurity center calls for HIE pilot volunteers (GovernmentHealthIT)

INDUSTRY OVERVIEW:

American power plants shut down by cyber attack (Yahoo News)

Yahoo’s CISO departs – with more top execs under CEO scrutiny (All Things D)

INTERNATIONAL  OUTLOOK:

Kenya falls victim to cyber attack (Daily Nation)

Cybersecurity to be tertiary-level subject in India (ZDNet)

UK, NZ to work together on cybersecurity (TV New Zealand)

South Korea says North was behind cyber attack on newspaper (AFP

Facing modern cybersecurity threats in China (Asia Pacific FutureGov)

Iran beefed up its own cyber security after Stuxnet, says US general (Reuters)

Singapore Government strengthens cyber attack prevention laws (Out-Law.com)

HACKING HIGHLIGHTS:

A hacker says smart grid can be penetrated (New York Times)

Hacker Olympics draws top students to Silicon Valley (Mashable)

How M.I.T. ensnared a hacker, bucking a freewheeling culture (New York Times)

CYBER INSIGHTS:

Cyberwar’s gray market (Slate)

4 steps for proactive cybersecurity (InformationWeek)

Random security predictions for 2013 (Network World)

4 ways to prepare for and fend off DDoS attacks (CIO Magazine)

Cybersecurity soon to be subject in varsities, tech colleges (The Economic Times)

____

This report is also available on ClearanceJobs.com at: http://www.clearancejobs.com/defense-news/1071/cybersecurity-news-round-up