FSB, Russia’s largest and most powerful intelligence agency that succeeded the KGB following the dissolution of the Soviet Union, recently suffered the largest data breach in its history when a hacker group stole 7.5 terabytes of data from one of its largest contractors.
The massive data heist was carried out by a hacker group known as Digital Revolution that now claims to possess vast amounts of data concerning several of the FSB’s covert activities that include data scraping from social media platforms, unearthing identities of individuals who engage in secret communications on Tor, and creating a closed Internet for Russia.
These documents were stolen by the hacker group 0v1ru$ (possibly a subsidiary of Digital Revolution) from the servers of SyTech, one of the FSB’s largest contractors. According to reports, SyTech works mostly with FSB’s 16th Directorate which is responsible for signals intelligence.
While many of the stolen documents have been posted to Twitter by Digital Revolution via a series of tweets, the hacker conglomerate has also shared a large number of documents obtained from SyTech with several journalists.
Poorly-kept secrets of FSB revealed to the rest of the world
“The projects themselves appear to be a mix of social media scraping (Nautilus), targeted collection against internet users seeking to anonymize their activities (Nautilus-S), data collection targeting Russian enterprises (Mentor), and projects that seem to relate to Russia’s ongoing initiative to build an option to separate the internal internet from the world wide web (Hope and Tax-3),” said journalist Zak Doffman who covered the cyber heist for Forbes.
None of the covert activities of FSB that were unearthed by 0v1ru$ will surprise Russia watchers as the Putin administration has been known for increasing surveillance on domestic Internet users, creating an isolated version of the Internet that will work only in Russia, as well as carrying out a number of operations that involve the use of social media platforms.
In February this year, the lower house of the Russian parliament passed a new law that allowed the government to isolate Russia from the Internet to prevent enemy countries from launching offensive cyber actions against Russia’s digital assets.
Aside from ensuring that Russian citizens will be able to use the Internet even if other nations deliberately cut off Internet access to harm Russia, the new law also enabled the Russian government to set up a national DNS system that would store details of all Russian IP addresses and internet domains.
Russia also enacted a data protection law known as the Yarovaya law in 2016 that required telecom providers to store voice calls, data, images and text messages of Russian citizens for 6 months and also required all messaging services, email services and social networks to allow the FSB to access and read their encrypted communications.
As far as attempting to control social media platforms is concerned, Russia used the Yarovaya law to ban Telegram last year after the company failed to hand over encryption keys to the FSB.
In January this year, Roskomnadzor, Russia’s communication watchdog, also filed a legal case against Facebook and Twitter, claiming that the two companies had failed to explain how they planned to abide by the legal requirement of storing Russians’ personal data in data centres located within Russia.