Thursday

24th May 2018

Unknown hackers stealing EU files for past five years

  • Kaspersky's map of target countries (highlighted in red) (Photo: kaspersky.com)

Russian Internet security firm Kaspersky Lab says unknown hackers have been stealing EU and Nato-encrypted files.

The operation - dubbed "Red October" - claimed victims in embassies, government and military institutions in Austria, Belgium, Bulgaria, the Czech Republic, Cyprus, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxembourg, Portugal, Slovakia and Spain.

Thank you for reading EUobserver!

Subscribe now for a 30 day free trial.

  1. €150 per year
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

It also hit Australia, Iran, Israel, Russia and the US, among others.

But Belgium, the home of the EU and Nato headquarters, saw 15 separate breaches - the fourth highest number of any country on the list.

Over the past five years, the hackers pulled material, such as files, as well as keystroke history and Internet browsing history, from desktop and laptop computers, servers and USB sticks.

They also stole contact lists, call history and SMS-es from iPhone, Nokia and Windows Mobile smartphones.

In some cases, they hunted for files with extensions "acidcsa, acidsca, aciddsk, acidpvr, acidppr, acidssa," which "appear to refer to the classified software 'Acid Cryptofiler,' which is used by several entities such as the European Union and/or Nato," Kaspersky Lab said in its report.

They even accessed files which had been deleted by users and used malware which quietly resurrects itself after it has been discovered.

The hackers hid behind "proxy" servers in Austria, Germany and Russia.

But Kaspersky Lab's analysis of the malicious code shows traces of Chinese and Russian-speaking authors.

"Currently, there is no evidence linking this with a nation-state-sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere," it noted.

It added that it began its investigation in October last year following a tip-off from an anonymous "partner."

In an unusual constellation in diplomatic terms, the firm thanked cyber security officials from Belarus, Romania and the US for helping it to nail down details.

Hackers stole Van Rompuy's emails

Hackers last summer raided the emails of EU Council chief Herman Van Rompuy and 10 other senior EU officials.

EU firms among targets in epic-scale hack

An unnamed state actor, believed by some experts to be China, has plundered data from three EU companies, on top of 69 other victims worldwide.

Opinion

EU budget must not fortify Europe at expense of peace

Given the European Commission new budget's heavy focus on migration, border management and security, many are asking whether the proposal will fortify Europe at the expense of its peace commitments.

Opinion

Europe's budget stasis

The EU's budgetary muddling through might not be enough when the next crisis hits.

News in Brief

  1. Gazprom accepts EU conditions on gas supplies
  2. Facebook tells MEPs: non-users are not profiled
  3. Commission proposes ending France deficit procedure
  4. UK households hit with Brexit income loss
  5. Report: EU faces 10% cut in steel exports to US
  6. Australia wants more access to EU agricultural market
  7. CV of Italian PM candidate under scrutiny
  8. Puigdemont Spain extradition rejected by German court

Stakeholders' Highlights

  1. Nordic Council of MinistersOECD Report: Gender Equality Boosts GDP Growth in Nordic Region
  2. Centre Maurits Coppieters“Peace and reconciliation is a process that takes decades” Dr. Anthony Soares on #Brexit and Northern Ireland
  3. Mission of China to the EUMEPs Positive on China’s New Measures of Opening Up
  4. Macedonian Human Rights MovementOld White Men are Destroying Macedonia by Romanticizing Greece
  5. Counter BalanceControversial EIB-Backed Project Under Fire at European Parliament
  6. Nordic Council of MinistersIncome Inequality Increasing in Nordic Countries
  7. European Jewish CongressEU Leaders to Cease Contact with Mahmoud Abbas Until He Apologizes for Antisemitic Comments
  8. International Partnership for Human RightsAnnual Report celebrates organization’s tenth anniversary
  9. Nordic Council of MinistersNordic Cooperation Needed on Green Exports and Funding
  10. Mission of China to the EUPremier Li Confirms China Will Continue to Open Up
  11. European Jewish CongressCalls on Brussels University to Revoke Decision to Honour Ken Loach
  12. Sustainable Energy Week 2018"Lead the Clean Energy Transition"- Register and Join Us in Brussels from 5 to 7 May

Latest News

  1. GDPR does not (yet) give right to global oblivion
  2. Privacy Shield less relevant given GDPR, says data chief
  3. Unknown academic to lead Italy into EU clash
  4. 'Killer robot' projects eligible for EU defence fund
  5. Funding for European values needs radical changes
  6. Feeble EU format deflates Zuckerberg 'hearing'
  7. Are EU data watchdogs staffed for GDPR?
  8. EU pessimistic on permanent US trade exemption