Home News Attackers compromise Russia’s Secret Intelligence Agency servers

Attackers compromise Russia’s Secret Intelligence Agency servers

Russia becomes the latest victim of a hacking attack that compromised the country’s Federal Security Service (FSB). According to the official statement, the hackers allegedly gained access to 7.5 terabytes of data from a major contractor Sytech.

The incident exposed FSB’s secret projects like how Russia is trying to carry out de-anonymization of users of the Tor browser collecting information of users’ social networks, and separating the Russian internet operations from the rest of the world.

The attack occurred on July 13, 2019, by an unknown hacking group named 0v1ru $. Hackers allegedly accessed into SyTech’s Active Directory server from where they gained access to the company’s entire IT network and defaced the company’s website with a “yoba face,” an emoji used in Russian for trolling.

Hackers then posted screenshots of the company’s servers on Twitter and later shared the stolen data to another hacking group called Digital Revolution, which later shared the stolen files on their Twitter account and with Russian journalists.

According to a threat report from cybersecurity firm CrowdStrike, hackers tied to Russian intelligence agencies are 8 times faster than North Koreans, Chinese, and Iranians in hacking. In its report dubbed Global Threat Report 2019: Adversary Tradecraft and the Importance of Speed, CrowdStrike stated the Russians are the most sophisticated among the many nation-state adversaries that are regularly hacking government and private computers in the United States.

In August 2018, Microsoft Corporation revealed that hackers linked to Russian military intelligence tried to hack the websites of two conservative think-tanks in the United States ahead of November’s midterm elections. It said that it detected and seized websites that were created by hackers linked to the Russian unit to mimic the pages of the International Republican Institute and the Hudson Institute.  These sites are designed to redirect the users to fake web pages where they were asked to enter usernames, passwords, and other credentials.