Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia's Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing.
FSB is Russia's primary security agency with parallels with the FBI and MI5, but its remit stretches beyond domestic intelligence to include electronic surveillance overseas and significant intelligence-gathering oversight. It is the primary successor agency to the infamous KGB, reporting directly to Russia's president.
A week ago, on July 13, a hacking group under the name 0v1ru$ that had reportedly breached SyTech, a major FSB contractor working on a range of live and exploratory internet projects, left a smiling Yoba Face on SyTech's homepage alongside pictures purporting to showcase the breach. 0v1ru$ had passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets and the headlines with Twitter—taunting FSB that the agency should maybe rename one of its breached activities "Project Collander."
I received a link to the Digital Revolution site where an initial tranche of breached documents was "published two months ago... as part of that 7.5 terabytes." I won't publish the link here for obvious reasons. Digital Revolution has targeted FSB before. It is unknown how tightly the two hacking groups are linked.
BBC Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the "de-anonymization of users of the Tor browser." The BBC described the breach as possibly "the largest data leak in the history of Russian intelligence services."
As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.
The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3). The BBC claims that SyTech's projects were mostly contracted with Military Unit 71330, part of FSB's 16th Directorate, which handles signals intelligence, the same group accused of emailing spyware to Ukrainian intelligence officers in 2015.
Nautilus-S, the Tor de-anonymization project, was actually launched in 2012 under the remit of Russia's Kvant Research Institute, which comes under FSB's remit. Russia has been looking for ways to compromise nodes within Tor's structure to either prevent off-grid communications or intercept those communications. None of this is new. It is believed that some progress has been made under this project. Digital Revolution claims to have hacked the Kvant Research Institute before.
The preparatory activities for splitting off a "Russian internet" follow Russian President Vladimir Putin signing into law provisions for "the stable operation of the Russian Internet (Runet) in case it is disconnected from the global infrastructure of the World Wide Web." The law set in train plans for an alternative domain name system (DNS) for Russia in the event that it is disconnected from the World Wide Web, or, one assumes, in the event that its politicians deem disconnection to be beneficial. Internet service providers would be compelled to disconnect from any foreign servers, relying on Russia's DNS instead.
There is nothing newsworthy in the projects exposed here; everything was known or expected. The fact of the breach itself, its scale and apparent ease, is of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide—to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades. And the fallout from Edward Snowden continues to this day.
Digital Revolution passed the information to journalists without anything being edited, removed or changed—they said. Little is known about 0v1ru$ and the group has not come forward with any comment.
Neither, unsurprisingly, has FSB.