Don’t you just love it when the hackers get hacked?
According to BBC Russia, the Russian intelligence agency’s computer systems have been penetrated by an outfit calling itself “0v1ru$” and 7.5 terabytes of data has been stolen. 0v1ru$ then passed the data along to the larger, well-known group Digital Revolution, which then disseminated the information to various media outlets.
BBC Russia also says no state secrets were exposed by the hack.
The hackers were able to gain entry to FSB systems through a contractor, SyTech.
BBC Russia broke the news that 0v1ru$ had breached SyTech’s servers and shared details of contentious cyber projects, projects that included social media scraping (including Facebook and LinkedIn), targeted collection and the “de-anonymization of users of the Tor browser.” The BBC described the breach as possibly “the largest data leak in the history of Russian intelligence services.”
As well as defacing SyTech’s homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: “Arion”, “Relation”, “Hryvnia,” alongside the names of the SyTech project managers. The BBC report claims that no actual state secrets were exposed.
The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia’s ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3).
That effort to build a separate Russian internet is an outgrowth of a series of laws signed recently by President Vladimir Putin that are ostensibly designed to protect Russian interests in the event that Moscow is cut off from the world wide web.
But experts see another possible, more sinister motive:
The preparatory activities for splitting off a “Russian internet” follow Russian President Vladimir Putin signing into law provisions for “the stable operation of the Russian Internet (Runet) in case it is disconnected from the global infrastructure of the World Wide Web.” The law set in train plans for an alternative domain name system (DNS) for Russia in the event that it is disconnected from the World Wide Web, or, one assumes, in the event that its politicians deem disconnection to be beneficial. Internet service providers would be compelled to disconnect from any foreign servers, relying on Russia’s DNS instead.
It’s interesting to note that contractors continue to be a weak link in security for government agencies. The hack by Edward Snowden was made possible by his contract work with the NSA. And the enormous breach of government personnel records at the Office of Personnel Management in 2015 was also due to the penetration of a non-government system.
But schadenfreude is a dish best served cold. Or something.