Saturday

3rd Dec 2016

Unknown hackers stealing EU files for past five years

  • Kaspersky's map of target countries (highlighted in red) (Photo: kaspersky.com)

Russian Internet security firm Kaspersky Lab says unknown hackers have been stealing EU and Nato-encrypted files.

The operation - dubbed "Red October" - claimed victims in embassies, government and military institutions in Austria, Belgium, Bulgaria, the Czech Republic, Cyprus, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxembourg, Portugal, Slovakia and Spain.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

It also hit Australia, Iran, Israel, Russia and the US, among others.

But Belgium, the home of the EU and Nato headquarters, saw 15 separate breaches - the fourth highest number of any country on the list.

Over the past five years, the hackers pulled material, such as files, as well as keystroke history and Internet browsing history, from desktop and laptop computers, servers and USB sticks.

They also stole contact lists, call history and SMS-es from iPhone, Nokia and Windows Mobile smartphones.

In some cases, they hunted for files with extensions "acidcsa, acidsca, aciddsk, acidpvr, acidppr, acidssa," which "appear to refer to the classified software 'Acid Cryptofiler,' which is used by several entities such as the European Union and/or Nato," Kaspersky Lab said in its report.

They even accessed files which had been deleted by users and used malware which quietly resurrects itself after it has been discovered.

The hackers hid behind "proxy" servers in Austria, Germany and Russia.

But Kaspersky Lab's analysis of the malicious code shows traces of Chinese and Russian-speaking authors.

"Currently, there is no evidence linking this with a nation-state-sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere," it noted.

It added that it began its investigation in October last year following a tip-off from an anonymous "partner."

In an unusual constellation in diplomatic terms, the firm thanked cyber security officials from Belarus, Romania and the US for helping it to nail down details.

MEP barred from questioning Oettinger on plane trip

The Hungarian Green MEP who uncovered EU Commissioner Oettinger's flight to Budapest on a private plane of a lobbyist was not allowed to ask the German politician on the issue in the EP.

Column / Rem@rk@ble

Juncker’s time is running out

EU Commission chief's defensive media blitz reinforces the very thing he wants to deny: It’s time to leave.

News in Brief

  1. Talks on wholesale roaming rules to start
  2. Lead MEP Dieselgate committee: Italy and Slovakia will cooperate
  3. Transparency NGO sues EU commission on Turkey deal
  4. Pro-EU liberal wins UK by-election
  5. Finnish support for Nato drops, Russia-scepticism grows
  6. Cyprus talks to resume in January
  7. Documents from German NSA inquiry released
  8. Transport commissioner 'not aware' of legal action on emissions

Stakeholders' Highlights

  1. CESIElects Leaders and Sets Safety & Health at Work and Gender Equality Among the Guidelines For Next Term
  2. European Gaming & Betting AssociationContinues to Grow its Membership and Welcomes its Newest Member Association
  3. ACCASupports the Women of Europe Awards, Celebrating the Women who are Building Europe
  4. European Heart NetworkWhat About our Kids? Protect Children From Unhealthy Food and Drink Marketing
  5. ECR GroupRestoring Trust and Confidence in the European Parliament
  6. UNICEFChild Rights Agencies Call on EU to put Refugee and Migrant Children First
  7. MIRAIA New Vision on Clean Tech: Balancing Energy Efficiency, Climate Change and Costs
  8. World VisionChildren Cannot Wait! 7 Priority Actions to Protect all Refugee and Migrant Children
  9. ANCI LazioRegio-Mob Project Delivers Analysis of Trasport and Mobility in Rome
  10. SDG Watch EuropeCivil Society Disappointed by the Commission's Plans for Sustainable Development Goals
  11. PLATO15 Fully-Funded PhD Positions Open – The Post-Crisis Legitimacy of the EU (PLATO)
  12. Access NowTell the EU Council: Protect our Rights to Privacy and Security