Kenya among the countries hit by espionage software
Posted Thursday, January 17 2013 at 21:38
- The new spying software known as “Red October” was detected this week by Kaspersky Lab despite having been in existence for the last five years.
- It has been used to steal information from governments, embassies, the military and research institutes in different parts of the world.
- The software has the ability to steal live information, delete files and to deploy more malicious codes for gathering intelligence needed by the attackers.
Kenya is among five African countries hit by a new espionage software targeting information from government agencies and research institutions.
The new spying software known as “Red October” was detected this week by Kaspersky Lab despite having been in existence for the last five years.
It has been used to steal information from governments, embassies, the military and research institutes in different parts of the world.
“We knew of the attacks after an alert from our global cybersecurity networks. I cannot pinpoint the embassies but normally the attackers target countries they have a keen interest in,” said Information and Communications permanent secretary Bitange Ndemo.
In April last year Kenya Computer Incident Response Team (KE-CIRT) was established to monitor internet traffic in an effort to curb cybercrime.
The Communications Commission of Kenya also invested Sh20 million last year in equipment to connect to other regional and global networks to monitor and tackle cyber crimes.
According to Kaspersky Lab, the attackers deliver the spyware via e-mail attachments such as Microsoft Excel, Word and probably PDF documents to unsuspecting victims.
Once a recipient opens the documents on a vulnerable system, the malicious code spreads and squats in the recipient’s computer where it initiates communication with servers controlled remotely by the attackers.
The software has the ability to steal live information, delete files and to deploy more malicious codes for gathering intelligence needed by the attackers.
The spyware, believed to be the work of Russian attackers, is also capable of infiltrating smartphones, networking equipment and removable hard drives.
KE-CIRT, a Moscow-based cybersecurity firm, said Red October was launched in 2007 targeting networks inside embassies and research institutes, trade and commerce offices; and energy, aerospace and defence firms in more than 20 countries.
The main objective of the attackers was to gather intelligence from the compromised organisations, which included computer systems, personal mobile devices and network equipment,” read a report released on Tuesday.
Most of the targets were in Eastern Europe and others in North America, Western Europe and Africa where the spyware also hit diplomatic missions of South Africa, Tanzania, Uganda and Congo.
Cybersecurity analysts said government agencies and even private firm will need to invest in detection software that sells at between Sh1 million and Sh5 million to guard against malicious attacks.