Russian FSB Hacked: "Largest data breach in its history"

Uploaded on 2019-07-22 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Hackers have successfully targeted the FSB - Russia's Federal Security Service - reports say. Details were revealed of cyber projects that included social media scraping, targeted collection and the "de-anonymization of users of the Tor browser." 

The perpetrators managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing, Forbes reported.

A week ago, on July 13, hackers under the name 0v1ru$ reportedly breached SyTech, a major FSB contractor. With the data stolen, 0v1ru$ left a smiling Yoba Face on SyTech's homepage alongside pictures purporting to showcase the breach. 0v1ru$ then passed the data itself to the larger hacking group Digital Revolution, which shared the files with various media outlets, taunting FSB that the agency should maybe rename one of its breached activities "Project Collander."

Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the "de-anonymization of users of the Tor browser."

The BBC described the breach as possibly "the largest data leak in the history of Russian intelligence services."

As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.

The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).

The BBC claims that SyTech's projects were mostly contracted with Military Unit 71330, part of FSB's 16th Directorate which handles signals intelligence, the same group accused of emailing spyware to Ukranian intelligence officers in 2015.

Read also U.S. legislators draft sanctions on 24 FSB operatives over 24 Ukrainian POW sailors There is nothing newsworthy in the projects exposed here, everything was known or expected. The fact of the breach itself, its scale and apparent ease is of more note. Contractors remain the weak link in the chain for intelligence agencies worldwide—to emphasize the point, just last week, a former NSA contractor was jailed in the U.S. for stealing secrets over two decades.

The fallout from Edward Snowden continues to this day. Digital Revolution passed the information to journalists without anything being edited, removed or changed—they said. Little is known about 0v1ru$ and the group has not come forward with any comment. Neither, unsurprisingly, has FSB. 

UNIAN:              Security Affairs:          Forbes:

You Might Also Read:

US Hackers Penetrate Russia's Electric Grid:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Spy vs Spy - Cozy Bear Hackers Hacked:

 

 

« The Destabilizing Danger Of Cyberattacks On Missile Systems
Privacy: Can You Trust FaceApp With Your Face? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

tietoevry

tietoevry

Tietoevry creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

Dutch Accreditation Council (RvA)

Dutch Accreditation Council (RvA)

RvA is the national accreditation body for the Netherlands. The directory of members provides details of organisations offering certification services for ISO 27001.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Flatt Security

Flatt Security

Flatt Security is a cyber security startup based in Japan providing security assessments and other cyber security services.

IMQ Group

IMQ Group

IMQ is one of Europe’s top players in the field of conformity assessment. We offer certification services to support all the major sectors of the manufacturing and service industries.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Hexens

Hexens

Hexens introduces a whole new approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the values we create.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.