Cyber AttacksCyber SecurityFeatured

ROCRA Cyber Attack which recked havoc around the globe!

Red October Attack analysis and ethical frameworks
Red October Attack analysis and ethical frameworks

According to a report published by RAND states that “the global cost of cybercrime has direct gross domestic product (GDP) costs of $275 billion to $6.6 trillion and total GDP costs (direct plus systemic) of $799 billion to $22.5 trillion (1.1 to 32.4 percent of GDP)”. [1] This data alone shows the severity of cybercrime and the need to emphasise on cyber-crime prevention around the globe. The “Red October” cyber attack recked havoc around various government and secret agencies around the world.

Red October Cyber Attack is a Malware which is sometimes also referred to as ROCRA. Malware is a malicious code which gives unauthorized access to networks to perform thefts, sabotage or espionage. There are various types of malwares in the cyber space. Mostly the cyber-attacks use a combination of various kinds of malwares to achieve their goals.

The attacker can introduce malware into a network via malicious attachments or malicious downloads such as word/excel and phishing etc. Malware is also able to gain access through social engineering and connected drives. [2]

In 2013, Kaspersky Labs found this malware and stopped its spread, but till then the attack was successful. Moreover, it was reported by Kaspersky that this virus started spreading in 2007.

According to a report published by a Kaspersky Researchers: “During the past five years, a high-level cyber-espionage campaign has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations, gathering data and intelligence from mobile devices, computer systems and network equipment.” [3]

This cyber attack was able to target specific organisations in Eastern Europe such as the Russian Federation, former USSR members, countries in Central Asia, Western Europe and North America as well. In total, there were victims in 69 countries including the six infected machines in the United States. [3]

The attacker did proper research on target and then created an attractive email based on target’s weakness. When the user opened an email and download the attachment, the malware initial module will install itself on the system. To install such modules, the attacker used MS Office and MS Excel known vulnerabilities at that time which were fixed later on when the cyber attack was stopped by Kaspersky.

After the initial infection, the malware would connect to a Command-and-Control server and start sending information about the network. It was designed to execute tasks which are ordered by C&C servers and upload all the critical data and private files to the server.

Our cyber experts analysed and gather all the data available on ROCRA cyber attack and will publish series of posts to highlight why the attack happened and what could have been done to prevent it. So stay tuned for more. As always keep sharing the info you read here with your friends and family.


What is your reaction?

In Love
Not Sure
Muntaha Saleem
She is an Editor-in-Chief . She is a Telecom engineer and a blogger. She loves to blog about latest technology news and products.

You may also like

Leave a reply