Four institutions in Turkey targeted by cyber-spying campaign
A report released by Russian anti-virus company tur has revealed that the computers of three public buildings and an embassy in Turkey were hacked and confidential documents were stolen by a cyber-spying campaign named Red October, the Haberturk daily reported on Wednesday.
The daily said Red October has targeted state buildings, military facilities and energy groups across 69 countries over the past five years. Eastern Europe, former Soviet republics and countries in Central Asia are among the primary targets of Red October, according to Kaspersky Lab. There were also victims in Western Europe and North America.
In Turkey, the computers of three state buildings and embassy were attacked. However, Kaspersky did not name the places in question.
The company could not find out who was behind the cyber-spying campaign and whether any country is backing it, but concluded that Russian and Chinese spies are behind Red October.
Kaspersky said although it has a list of the names of the institutions which were attacked and the confidential documents stolen from them, it will not make these public.
Although it is not known whether there is any state support behind Red October, the stolen documents are the kind that would be of interest to a state, the daily said.
Kaspersky said attackers are using malware to slurp data and geopolitical intelligence from the targeted victims' computer systems, mobile phones and enterprise networks.
Kaspersky reported detecting 38 infections in Russia, which made it to the top the list of the attacked countries, while Kazakhstan was in second place with 21 infections.
There were 16 infections in Belgium due to its strong links with the European Commission, while six infections were detected in the US. The UK had no infections reported.
One of the tactics used by Red October hackers to be able to infiltrate the computers of a targeted place is to send an advertisement of an automobile for sale purporting to be from a diplomat. An email with a photo of the car is sent to the official email address of the target, which makes it possible for the hackers to gain access to the target's computer.