“I’m frightened because our enemies are no longer known to us. They do not exist on a map. They’re not nations, they’re individuals. And look around you. Who do you fear? Can you see a face, a uniform, a flag? No! Our world is not more transparent now, it’s more opaque! It’s in the shadows.”
This was one of the most memorable lines from the recent Bond movie Skyfall, as spoken by Dame Judi Dench in her role as M, director of MI6. It’s memorable because of how it managed to capture the essence of spy work in the post-Cold War digital age, and because it pretty much resounds with audiences who are increasingly fearful for their privacy.
In a story that I know I must comb for material for my next cyber novel, a team of cyber sleuths recently uncovered a cyberspy ring that has been spying on embassies, governments and research institutions around the world for the past five years. The virus, which has been dubbed “Red October”, is of uncertain origin, though the culprits are believed to be Russian (hence the name).
For the past five years, the virus has been harvesting documents and data from computers, smartphones and removable storage devices (such as USB sticks), largely from victims in Easter Europe and Central Asia. However, 69 countries were reported as being targeted in total, including the U.S., Australia, Ireland, Switzerland, Belgium, Brazil, Spain, South Africa, Japan and the United Arab Emirates. So far, these victims remain unidentified except to say that in most cases, they were government agencies and embassies, institutions involved in nuclear and energy research and companies in the oil and gas and aerospace industries.
The virus was uncovered by the Kaspersky Lab, a Moscow-based antivirus firm that specializing in internet security. In a statement released on Monday the 14th: “The main purpose of the operation appears to be the gathering of classified information and geopolitical intelligence, although it seems that the information-gathering scope is quite wide.” The virus is still active, they say, but now that the operation is a matter of public record, there’s no telling if it will continue or not.
What’s more interesting is the fact that the spy ring set up an extensive and complex infrastructure consisting of a chain of at least 60 command-and-control servers that appear to rivals the massive infrastructure used by the nation-state hackers that were behind the infamous Flame spay malware that was responsible for infiltrating computers in Iran and across the Middle East last year. However, Kaspersky went on to claim that this network was not associated with Flame, meaning that there is another hacker ring out there that is equally powerful and motivated, and has comparable infrastructure.
All of this calls to mind the Anonymous and the whole debate about hacking and its ethics. Whereas the concept was born of a desire to make information free, deconstruct corporate and government control of media, and break down barriers between nation states, examples like this remind us that there are also insidious hackers, the ones who’s motivation is questionable and who’s actions are less than benign. Alongside “black hat” hackers, the people who spawn malware, spyware, and other viruses from their basements, hackers have it pretty bad on the PR front!
But good or bad, the reality is that hacking and information wars are becoming an increasingly decentralized and democratic affair. For some, this is a good sign, an indication that we are moving towards a truly open and free society. For others, its a very bad sign, since we really have no idea how to contain threats that emerge from what are essentially non-entities.
I swear to God I didn’t pick this story to promote my new book, people! But for some reason, the news cycle seems to have decided to break a story that specifically addresses what I was trying to capture with that book and its planned sequels. So in addition to all the people these “Red October” individual may have screwed over, it seems that they’ve made me look like a shameless self-promoter! I don’t know what your agenda is, be it general mischief, anti-secrecy, freedom of information, or just plain anarchism, but did you ever once think of ME???