SOURCE: CounterTack


February 04, 2013 09:00 ET

CounterTack's Stateful Compromise Indicators Detect "Red October" Attack Within First 90 Seconds of Infection

CounterTack to Demonstrate Deep System Inspection Capabilities at RSA Conference 2013

WALTHAM, MA--(Marketwire - Feb 4, 2013) - CounterTack, the industry's first and only provider of in-progress cyber attack intelligence and response solutions, today announced that its Cyber Counter-Intelligence Research Labs has successfully detected a "Red October" malware attack within 90 seconds of infection of a victim system via CounterTack's Stateful Compromise Indicators (SCIs).

"Red October," the notorious, highly organized cyber espionage campaign first investigated and reported by Kaspersky Labs, has infiltrated the networks of governments and enterprises in numerous regions, particularly Eastern Europe, former states of the Soviet Union and Asia, largely targeting sensitive government, diplomatic and scientific research information. Beginning in 2007, many Red October campaign components went undetected by anti-virus programs for months and even years after infection.

"Through the use of armoring techniques, which focus on evading and silently disabling host-based security systems, the Red October campaign operated successfully underground for several years by simply re-purposing the same crimeware tools over and over again," said Sean Bodmer, chief researcher, counter-exploitation intelligence, CounterTack. "Today's cyber battle is not only against the advanced crimeware itself, but also against the evasion and exploit techniques employed by the sophisticated architects behind these tools. The Red October campaign sheds light on a larger underlying issue: the widening detection gap between a safe and septic enterprise."

Through the expanded usage of next-generation honeynets, CounterTack is poised to deliver a series of innovations aimed at closing this significant detection gap in the cyber security industry. Over the next month and at the upcoming 2013 RSA Conference in San Francisco, Calif., CounterTack (booth #2533) will unveil:

  • The most recent findings from CounterTack's Cyber Counter-Intelligence Research Labs -- including the successful detection of Red October malware and other targeted attacks;
  • Newly patented technology that will enable monitoring from deep within the operating systems of actual production assets to detect previously undetectable attacks;
  • Two new, game-changing solutions focused on deep system inspection and new Stateful Compromise Indicators, purpose-built to narrow today's existing detection gap.

To schedule a one-on-one meeting with CounterTack researchers during RSA Conference 2013, please visit here. For more information, please visit

About CounterTack
CounterTack, the industry's first and only in-progress attack intelligence and response solution provider, was born out of the critical need for enterprise and government organizations to approach security in a completely different way -- combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack -- even while it's happening. Based in Waltham, Mass., CounterTack is backed by Fairhaven Capital and a group of private investors.