Thursday

20th Jul 2017

Unknown hackers stealing EU files for past five years

  • Kaspersky's map of target countries (highlighted in red) (Photo: kaspersky.com)

Russian Internet security firm Kaspersky Lab says unknown hackers have been stealing EU and Nato-encrypted files.

The operation - dubbed "Red October" - claimed victims in embassies, government and military institutions in Austria, Belgium, Bulgaria, the Czech Republic, Cyprus, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxembourg, Portugal, Slovakia and Spain.

Thank you for reading EUobserver!

Subscribe now and get 40% off for an annual subscription. Sale ends soon.

  1. €90 per year. Use discount code EUOBS40%
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

It also hit Australia, Iran, Israel, Russia and the US, among others.

But Belgium, the home of the EU and Nato headquarters, saw 15 separate breaches - the fourth highest number of any country on the list.

Over the past five years, the hackers pulled material, such as files, as well as keystroke history and Internet browsing history, from desktop and laptop computers, servers and USB sticks.

They also stole contact lists, call history and SMS-es from iPhone, Nokia and Windows Mobile smartphones.

In some cases, they hunted for files with extensions "acidcsa, acidsca, aciddsk, acidpvr, acidppr, acidssa," which "appear to refer to the classified software 'Acid Cryptofiler,' which is used by several entities such as the European Union and/or Nato," Kaspersky Lab said in its report.

They even accessed files which had been deleted by users and used malware which quietly resurrects itself after it has been discovered.

The hackers hid behind "proxy" servers in Austria, Germany and Russia.

But Kaspersky Lab's analysis of the malicious code shows traces of Chinese and Russian-speaking authors.

"Currently, there is no evidence linking this with a nation-state-sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere," it noted.

It added that it began its investigation in October last year following a tip-off from an anonymous "partner."

In an unusual constellation in diplomatic terms, the firm thanked cyber security officials from Belarus, Romania and the US for helping it to nail down details.

Hackers stole Van Rompuy's emails

Hackers last summer raided the emails of EU Council chief Herman Van Rompuy and 10 other senior EU officials.

EU firms among targets in epic-scale hack

An unnamed state actor, believed by some experts to be China, has plundered data from three EU companies, on top of 69 other victims worldwide.

Investigation

Inside the Code of Conduct, the EU's most secretive group

The informal group of national officials that is in charge of checking EU countries' tax laws is now working on the first EU blacklist of tax havens, amid critiques over its lack of transparency and accountability.

Ombudsman asks for more details on Barroso case

Emily O'Reilly has asked the EU Commission to say what former commissioners should be allowed to do after they leave office and explain why it took no decision over its former president's controversial new job.

News in Brief

  1. Polish parliament adopts controversial justice reform
  2. GMO opt-out plan unlikely to go anywhere in 2017
  3. Slovak PM threatens to boycott inferior food
  4. France takes Google's 'right to be forgotten' to EU court
  5. Turkey accuses German companies of supporting terror
  6. Israel's Netanyahu caught calling EU 'crazy'
  7. UK does not collect enough data to expel EU nationals
  8. Polish president threatens to veto justice reform

Stakeholders' Highlights

  1. European Jewish CongressJean-Marie Le Pen Faces Trial for Oven Comments About Jewish Singer
  2. ACCAAnnounces Belt & Road Research at Shanghai Conference
  3. ECPAFood waste in the field can double without crop protection. #WithOrWithout #pesticides
  4. EU2017EEEstonia Allocates €1 Million to Alleviate Migratory Pressure From Libya in Italy
  5. Dialogue PlatformFethullah Gulen's Message on the Anniversary of the Coup Attempt in Turkey
  6. Martens CentreWeeding out Fake News: An Approach to Social Media Regulation
  7. European Jewish CongressEJC Concerned by Normalisation of Antisemitic Tropes in Hungary
  8. Counter BalanceOut for Summer Episode 1: How the EIB Sweeps a Development Fiasco Under the Rug
  9. CESICESI to Participate in Sectoral Social Dialogue Committee on Postal Services
  10. ILGA-EuropeMalta Keeps on Rocking: Marriage Equality on Its Way
  11. European Friends of ArmeniaEuFoA Director and MEPs Comment on the Recent Conflict Escalation in Nagorno-Karabakh
  12. EU2017EEEstonian Presidency Kicks off Youth Programme With Coding Summer School

Latest News

  1. Polish parliament steps up showdown with EU
  2. EU urges UK to clarify its Brexit positions
  3. Law expert: direct EU powers have become too complicated
  4. Winter is here for Spitzenkandidat, but he'll survive
  5. Mafia money pollutes the EU economy
  6. Central Europe should be wary of Brexit stopping
  7. Poland's 'July coup' and what it means for the judiciary
  8. Commission: clean up diesel cars, or EU agency inevitable