Application security, Breach, Compliance Management, Data Security, Privacy

Hackers leak documents stolen from contractor for Russian intel agency

Hackers reportedly stole 7.5 TB of data from a contractor for the Russian intelligence service FSB, and revealed details on several of its activities or prospective projects, including the collecting of information on users of social media services, Tor and P2P networks.

The contractor, SyTech, has worked for FSB's
radio-electronic intelligence unit 71330 since 2009, according to a report from ZDNet, citing Russian media outlets, including BBC Russia.

The July 13 breach reportedly exposed details on "Nautilus," a plan to gather information on users of Facebook, MySpace, LinkedIn and similar services; "Nautilius-S," a project to deanonymize Tor traffic using Tor servers; and "Reward," a scheme to secretly penetrate P2P networks.

Other leaked projects included "Mentor," a plot to monitor email communications on Russian companies' servers; "Hope," a project to understand how the Russian internet connects to other countries' networks; and "Tax-3," a plan to create a closed intranet to store info on sensitive government officials and judges.

Nautilus-S and Hope were actually tested in the wild, while others may have never passed the research phase or may have been a service offered by SyTech that ultimately didn't find itself a customer, according to reports.

The hackers, who refer to themselves as 0v1ru$, reportedly gained access to SyTech's IT network by initially hacking into its Active Directory server. The hackers defaced the company website, posted screenshots on Twitter and even shared the data with fellow hacking group Digital Revolution, who in turn revealed even more details to Russian journalists and to the public via its own Twitter account.

BBC Russia report states that a review of leaked documents found that SyTech "performed work on at least 20 non-public IT projects ordered by Russian special services and departments. These papers do not contain state secrets or secrets."

SyTech reportedly took down its website after the hack and has not responded to media inquiries. The BBC also said that FSB did not respond to a request for comment.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Related

Third-party ransomware attack threatens Sweden’s liquor supply

Swedish government-owned liquor retailer Systembolaget, which is the country's lone vendor of alcoholic beverages, has warned of a shortage of some beers, wines, and spirits across the country following a ransomware attack against its distributor Skanlog, which its CEO Mona Zuko has attributed to a North Korean state-sponsored threat operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.