Some call it poetic justice and others call it the “biggest data breach in history”: the Russian secret intelligence agency, the Federal Security Service (FSB), has been hacked, exposing confidential operations that aim to de-anonymize Tor browsing, scrape information from social media, and split the country’s internet services from the rest of the world.
Hackers took more than 7.5 terabytes of data from the FSB’s principal contractor and sent it to local and international media outlets for publication.
The Federal Security Service, or FSB, is Russia’s secret intelligence agency, similar to the CIA, the FBI, and MI5, but sources reveal that its operations are not limited to local and in-country surveillance and also stretch to international espionage and significant intelligence-gathering oversight. It is the successor agency to the controversial KGB and reports directly to the president of Russia.
According to sources, a hacker group going by the name 0v1ru$ breached SyTech, an FSB contractor, on July 13. SyTech is commissioned by the Federal Security Service for a range of live and exploratory internet-related projects. As part of their MO, the hackers left a Yoba Face on SyTech’s homepage alongside pictures purporting to showcase the breach.
Another source revealed that 0v1ru$ passed the hacked data to a more extensive hacking network known as Digital Revolution, which later sent it to various local and international news outlets, urging them to publish the leak. Digital Revolution also taunted the FSB about the purported hack by posting on Twitter that the agency should rename one of the projects compromised in the hack “Project Collander.”
Aside from defacing the FSB website with the Yoba Face, 0v1ru$ also revealed the confidential names of the FSB operations included in the breach. They named “Arion,” “Relation,” and “Hryvnia,” alongside the names of the SyTech project managers of those projects. Nonetheless, a local news source claims that no actual state secrets were disclosed during the breach.
It also appears that the hacking project has been under way for quite some time. A Forbes reporter wrote that he received a link to the Digital Revolution website and saw entries for the hack that say they were “published two months ago… as part of that 7.5 terabytes.”
BBC Russia, one of the first to report on the data breach, revealed that 0v1ru$ breached the SyTech system and found documents revealing the FSB’s clandestine operations, such as scraping of social media including Facebook and LinkedIn, targeted data collection, and “de-anonymization of users of the Tor browser.” According to BBC Russia, this data breach could possibly be “the largest data leak in the history of Russian intelligence services.”
According to the BBC, the data exposed in the breach focused on Project Nautilus, Russia’s program to scrape data from social media websites; Project Nautilus S, the targeted collection of data on internet users seeking to anonymize their activities; Project Mentor, which collects data from Russian enterprises and businesses; and Projects Hope and Tax-3, China’s efforts to find a way to isolate the country’s internet services from the rest of the modern world.
Local sources said that SyTech’s projects were mostly contracted by Military Unit 71330, part of the FSB’s 16th Directorate, which handles the country’s signals intelligence and is the same organization accused of emailing spyware to Ukrainian intelligence officers in 2015.
Analysts believe that nothing new was exposed in the breach, as all the programs revealed in the leak were part of publicly announced projects. However, the mere fact that the FSB, which is supposedly the security service of the country, was hacked is enough to worry the Russian government.
Many tech experts have been warning governments that high-level contractors remain the weak links in government systems, especially for high-value targets such as a country’s intelligence agencies. Last week an NSA contractor was jailed for stealing state secrets for two decades.
As of today, neither 0v1ru$ nor the FSB has commented on the data breach.