Russia’s Intelligence Agency Hacked, Exposes Internet Projects

The Federal Security Service (FSB), Russia’s principal security agency, revealed today that hackers obtained access to special internet projects. The hackers targeted SyTech, a Moscow company and FSB contractor, obtaining 7.5 terabytes of data.

According to a report from Insider, the hackers, going by the name “0v1ru$,” replaced the company’s homepage with a Yoba Face. The Yoba Face is a Russian meme, used here to show disrespect for the government agency. 0v1ru$ gave the 7.5 terabytes of data to Digital Revolution, a well-known hacking group operating in the country.

The breach occurred on July 13, 2019, notes Forbes.


Exposed Internet Projects

The hacking groups exposed a number of cyber projects, revealing the names of SyTech project managers handling the case.

Some of the special internet projects include the “Nautilus” and the “Nautilus-S”. Both of these projects “appear to be attempts to scrape social media sites for data extraction,” said Business Insider. These also serve to “identify Russian internet users who seek to access the internet anonymously via Tor browsers.”

Another project revealed by the hacking groups is “Mentor,” which focuses on obtaining information from Russian businesses. Meanwhile, projects “Hope” and “Tax-3” are geared towards disconnecting “its internal internet from the world wide web,” reports Business Insider.

Despite the massive data leak caused by the attack, reports say that “no actual state secrets were exposed.”

According to a report by BBC Russia, SyTech is contracted with part of the FSB’s 16th Directorate, Military Unit 71330. This connects the firm with the group that reportedly attacked Ukrainian intelligence. That attack was carried out with spyware sent by email to intelligence officers back in 2015.


Just recently, President Vladimir Putin approved an initiative to make sure that the Russian internet operates separately from the world wide web. This serves to ensure continued operation in case of disconnection due to external or internal reasons.

The provision states that Russia will have an alternative DNS in case of disconnection. Forbes speculated that one event that could warrant such action is when “politicians deem disconnection to be beneficial.”

In the case of a disconnection, internet service providers (ISPs) would rely only on Russia’s DNS. It would also mean that connection with other foreign servers would stop.

This issue is just one of the many instances in which contractors become the source of vulnerabilities. Other cases include Edward Snowden and a former National Security Agency contractor. Both instances involved contractors stealing and leaking secrets.
