Monday, July 22, 2019

Russian Intelligence Hacked, Highlighting Putin's Internet Plans

According to BBC Russia, the Russian intelligence agency's computer systems have been penetrated by an outfit calling itself "0v1ru$" and 7.5 terabytes of data has been stolen.

The hackers were able gain entry to FSB systems through a contractor, SyTech.

BBC Russia broke the news that 0v1ru$ had breached SyTech's servers and shared details of contentious cyber projects, projects that included social media scraping, targeted collection and the "De-anonymization of users of the Tor browser." The BBC described the breach as possibly "The largest data leak in the history of Russian intelligence services." As well as defacing SyTech's homepage with the Yoba Face, 0v1ru$ also detailed the project names exposed: "Arion", "Relation", "Hryvnia," alongside the names of the SyTech project managers.

The projects themselves appear to be a mix of social media scraping, targeted collection against internet users seeking to anonymize their activities, data collection targeting Russian enterprises, and projects that seem to relate to Russia's ongoing initiative to build an option to separate the internal internet from the world wide web.

That effort to build a separate Russian internet is an outgrowth of a series of laws signed recently by President Vladimir Putin that are ostensibly designed to protect Russian interests in the event that Moscow is cut off from the world wide web.

The preparatory activities for splitting off a "Russian internet," follow Russian President Vladimir Putin signing into law provisions for "The stable operation of the Russian Internet in case it is disconnected from the global infrastructure of the World Wide Web." The law set in train plans for an alternative domain name system for Russia in the event that it is disconnected from the World Wide Web, or, one assumes, in the event that its politicians deem disconnection to be beneficial.

Internet service providers would be compelled to disconnect from any foreign servers, relying on Russia's DNS instead. It's interesting to note that contractors continue to be a weak link in security for government agencies.

https://pjmedia.com/trending/russian-intelligence-agency-suffers-largest-data-breach-in-its-history/

No comments: