Kaspersky Lab, the Russian cyber security firm on 14 January 2013 revealed that India is one among various nations which are hit by the cyber spying which has been targeting governmental, diplomatic and scientific research organisations for around 5 years. The cyber spying campaign is termed Red October or Rocra by the Kaspersky Lab.
Rocra significantly affected countries like Kazakhstan, Russia, India, Belgium and Azerbaijan apart from other countries in Eastern Europe, Central Asia and Soviet republics. Rocra infected hundreds of the computers across the world in categories such as research institutions, government, diplomatic/embassies, nuclear/energy research, trade and commerce, aerospace and military as well as oil and gas companies.
Kaspersky Lab declared that the cyber spying campaign was functional since 2007 and at present too it is active. Depending upon the Kaspersky Security Network, the number of infections that affected Russia was maximum (35). It was followed by Kazakhstan (21). India, Azerbaijan and Belgium had 15 infections each.
Other affected nations included Armenia (10), Afghanistan (10), Turkmenistan (7), Iran (7), US (6), Vietnam (6), Ukraine (6), Pakistan (5) and Brazil (4).
About Red October
Rocra is the short name given to Red October. Apart from attacking the established computer workstations, Rocra can also steal the data from various smartphones, catch the files from the removable disk drives as well as abandon the network equipment configurations. Rocra can also scan through the local network FTP servers as well as email databases.
Rocra is not like the other highly automatic cyber-spying campaigns such as Gauss and Flame. The attacks of Rocra are very carefully chosen. The configuration of the hardware as well as software of the victim’s device is what drive every operation. Apart from the software and the hardware, every habit of document use and the native language also drive the operation.